'Alarming' trend: 9 in 10 Australian SMBs might pay cybercriminals in ransomware attack

'Paying cybercriminals perpetuates further cybercrime' and may break the law, says expert, offering preventative tips

A new study has unveiled a concerning trend among small and medium businesses (SMBs) in Australia: an “alarming” 87% of Australian SMBs might consider paying cybercriminals in the event of a ransomware attack.

This revelation comes as 60% of these businesses experienced breach attempts or cybersecurity incidents in the past year, found ESET, a provider of digital security.

The report, which surveyed over 1,400 IT professionals in the Asia-Pacific (APAC) region, highlights that 76% of respondents believe businesses of their size are more vulnerable to cyberattacks compared to larger enterprises.

Ransomware and phishing emails are the top concerns, with 72% of SMBs fearing these threats. However, despite 62% expressing concern about vulnerabilities, only half are using vulnerability and patch management software.

"Although SMBs are confident in their security measures and IT expertise, the majority still faced cybersecurity incidents over the past year," said Parvinder Walia, President of Asia Pacific and Japan (APJ) for ESET. "They feel more vulnerable compared to larger enterprises, underscoring the critical need for SMBs to enhance their security posture."

Not succumbing to ransomware demands

Walia stressed the importance of not succumbing to ransomware demands.

“It is crucial for SMBs to understand that paying cybercriminals only perpetuates further cybercrime. Instead, they should focus on implementing proactive measures to prevent cyberattacks.”

The ESET report also points out the risks associated with paying ransoms. SMBs should be aware that paying a ransom does not guarantee data recovery and may breach Australian sanctions laws, along with other Commonwealth or state criminal laws.

Instead of paying the ransom, businesses should seek help from authorities and trusted cybersecurity providers, said ESET. Resources like the No More Ransom initiative, of which ESET is an associate partner, offer tools to help companies recover data without paying criminals. The initiative is supported by the Australian Federal Police.

Challenges in cybersecurity for SMBs

Despite a high level of confidence in their security systems, with 86% of SMBs expressing this sentiment, 60% still faced significant breach attempts or incidents in the past year, found ESET.

Key challenges include a lack of dedicated cybersecurity teams and alert fatigue, with 45% of SMBs citing the absence of a dedicated team as a top challenge and 26% experiencing alert fatigue.

Fortifying defenses following an attack remains crucial for SMBs. The report indicates that after a breach or a data security incident, SMBs typically implement comprehensive cybersecurity risk audits, enhance cybersecurity training, deploy new tools, and provide internal safeguarding tips. Notably, 47% of Australian firms prioritize investing in more cybersecurity training, while 45% seek new IT security providers.

Future cybersecurity strategies

Looking ahead, the ESET SMB Cybersecurity Report outlines several strategies Australian SMBs plan to employ to bolster their defenses over the next year:

Increased investment in cybersecurity: About 42% of respondents anticipate a rise in cybersecurity spending, with 18% expecting an increase of more than 80%. This contrasts with more aggressive spending plans observed in Japan and India.

Broader solution considerations: SMBs in India are planning significant cybersecurity enhancements, including deploying Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Managed Detection and Response (MDR), cloud-based sandboxing, full-disk encryption, and vulnerability and patch management.

Outsourcing cybersecurity: Currently, 36% of SMBs outsource some cybersecurity responsibilities to third-party providers. In the next 12 months, 19% plan to outsource some or all aspects of cybersecurity, while 24% manage cybersecurity in-house and do not plan to outsource.