About UsSchedule a Call
Oct 22, 2021

More than Half of Irish SMEs Have Paid Ransoms to Cybercriminals

More than Half of Irish SMEs Have Paid Ransoms to Cybercriminals

We recently commissioned a survey through Censuswide, targeted at the SME market of 200 businesses to ascertain their general understanding around ransomware and cyber security protocols. Frankly, we were shocked to read that over half of Irish Small businesses have paid a ransomware ransom, averaging at €22,712.

The research found that more than a quarter (27%) of those businesses who paid a ransom failed to have all affected data restored. Furthermore, 60% of business owners reported that sensitive data was leaked on the dark web despite paying a ransom. A majority (57%) of small business owners also revealed that they now keep a cryptocurrency reserve in case they are needed to pay a ransom.

When asked about their biggest fears in terms of cybersecurity, loss of customers (37%) ranked first, followed by loss of employees (34%) and sensitive data being made available on the dark web (33%). In addition, more than a quarter (27%) of company owners fear going out of business in the event of a successful cyber-attack.

Despite these findings and the increased awareness of ransomware and other security threats, only 39% of SMEs in Ireland consider themselves to be very well protected from cyber-attacks.

Our newly appointed, Chief Technology Officer, Trevor Coyle said, “While we were aware of the growing trend that businesses are being forced to pay ransoms to cybercriminals, we are still alarmed by how widescale it is in Ireland.

“With tens of thousands of small and medium-sized businesses operating here, this means staggering amounts of money – often in the form of cryptocurrencies - are being lost to cyber criminality. Yet despite paying out these ransoms, some business owners admit that all affected data cannot be restored, and most business owners say their sensitive data has been leaked on the dark web. It’s a very worrying and unsustainable situation, when facing the short-term financial cost but the long term reputational and brand cost could be substantial.

“Understanding the current security posture of your business is critical and conducting outdated audits is no longer an effective way of measurement, this will lead to a false sense of protection.

“As the survey results demonstrate, paying out ransoms in response to cyberattacks do not guarantee a successful restoration of data or systems, and it also encourages future attacks. It’s so important that businesses owners become proactive rather than reactive when it comes to protecting their customers, their employees and ultimately their businesses. These threats are not going away. A clearly defined and well managed cybersecurity strategy - particularly in an increasingly hybrid working world - is an absolute necessity for businesses of all sizes."