UK companies most likely to ignore ransomware advice

UK firms have lost confidence in their ability to combat ransomware following the WannaCry NHS breach

Almost half (49 per cent) of UK firms believe that they should pay demands following a ransomware attack; much higher than the global figure of 42 per cent, according to Malwarebytes' second annual State of Ransomware report. UK companies appear to have a reason to feel as they do: 46 per cent lost files after refusing to pay demands, the highest of any of the geographies surveyed.

The Malwarebytes report covers more than 1,000 SMBs in the UK, USA, France, Germany, Australia and Singapore. It found that 35 per cent of firms had been attacked with ransomware over the past year, and 37 per cent in the UK.

It is downtime that is most damaging to small businesses. Only three per cent of UK organisations said that their downtime from ransomware infections was ‘minimal' (lasting up to an hour), and 25 per cent reported it lasting between one and eight hours. However, more than 70 per cent said that downtime lasted for more than nine hours. Reinforcing this, Malwarebytes' data shows that many ransomware demands - almost 60 per cent - were for $1,000 or less: only 13 per cent of demands in the UK were for more than $10,000.

While all firms believe that dealing with ransomware is a high priority, they are not confident in their ability to do so: 67 per cent of respondents globally, and 68 per cent in the UK, said it is important to invest in resources, funding and technology to address the problem, and 53 per cent (both globally and in the UK) to invest in training and education. However, 20 per cent of UK firms (11 per cent globally) are not at all/not very confident in their ability to stop a ransomware attack. The UK was also identified as the nation that is worst at identifying the source of such incidents.

Despite the lack of confidence, UK firms were more resilient to ransomware than their counterparts in other geographies: only 18 per cent reported having to cease operations immediately, compared to 22 per cent globally.

"Businesses of all sizes are increasingly at risk from ransomware attacks," said Marcin Kleczynski, CEO of Malwarebytes. "However, the stakes of a single attack for a small business are far different from the stakes of a single attack for an enterprise. Our findings demonstrate that SMBs are suffering in the wake of attacks to the point where they must shut down operations. To make matters worse, most of them lack the confidence in preventing attacks; despite significant investments in defensive technologies. As a security community, it's important that we thoroughly understand the battles that these companies are facing, so we can better protect them."