New research has found that more than half of Irish SMEs have paid ransoms to cybercriminals.
Research commissioned by Typetec surveyed 200 small and medium business owners across the State, with 52 per cent saying they have paid out ransoms.
The average cost of pay-offs to cybercriminals was €22,712.
Furthermore, 60 per cent of those surveyed said say their sensitive data was leaked on the dark web despite making a payment.
Some 27 per cent of business owners who paid out a ransom said that all the affected data was not restored.
With the significant rate of cyberattacks, 57 per cent keep a cryptocurrency reserve in case they needed to pay a ransom.
Those worried about cyberattacks cited loss of customers, loss of employees and sensitive data being leaked on the dark web as their biggest fears.
Unprotected
Despite the high number of business owners who have paid out a ransom, just 39 per cent of SMEs in Ireland consider themselves to be very well protected from cyber-attacks.
Speaking about the rate of cyberattacks on businesses, Trevor Coyle, Chief Technology Officer at Typetec, said the situation is alarming.
“With tens of thousands of small and medium-sized businesses operating here, this means staggering amounts of money — often in the form of cryptocurrencies — are being lost to cyber criminality,” Mr Coyle said.
“Yet despite paying out these ransoms, some business owners admit that all affected data cannot be restored, and most business owners say their sensitive data has been leaked on the dark web.
“It’s a very worrying and unsustainable situation, when facing the short-term financial cost but the long term reputational and brand cost could be substantial.
“Understanding the current security posture of your business is critical and conducting outdated audits is no longer an effective way of measurement, this will lead to a false sense of protection.
As Mr Coyle explained, paying out ransoms in response to cyberattacks does not guarantee a successful restoration of data or systems, and it also encourages future attacks.
“It’s so important that businesses owners become proactive rather than reactive when it comes to protecting their customers, their employees and ultimately their businesses,” he added.
“These threats are not going away. A clearly defined and well managed cybersecurity strategy — particularly in an increasingly hybrid working world — is an absolute necessity for businesses of all sizes.”