Half of SME businesses paid  out ransoms to cypercriminals
Trevor Coyle, CTO, Typetec

Half of SME businesses paid out ransoms to cypercriminals

OVER half of SME Irish businesses have paid out ransoms to cypercriminals, according to a revealing survey by one of Ireland’s leading managed IT and cyber security solutions provider, Ballymount based, Typetec.

The independent research commissioned by Typetec surveyed over 200 small and medium business owners from across the Republic of Ireland and showed that 52 per cent of Irish SMEs have paid ransoms to cybercriminals.

Other key findings are the average cost of each ransom paid was €22,712.

Despite paying a ransom, 60 per cent of businesses say their sensitive data was leaked on the dark web, and only 40 per cent consider themselves well protected from cyber-attacks.

The survey, commissioned by Typetec and conducted by independent research company Censuswide, found a majority (57 per cent) of small business owners also revealed that they keep a cryptocurrency reserve in case they are needed to pay a ransom.

When asked about their biggest fears in terms of cybersecurity, loss of customers (37 per cent) ranked first, followed by loss of employees (34 per cent) and sensitive data being made available on the dark web (33 per cent). In addition, more than a quarter of company owners fear going out of business in the event of a successful cyber-attack.

Trevor Coyle, Chief Technology Officer, Typetec said it was alarming how widescale the problem is in Ireland.

“With tens of thousands of small and medium-sized businesses operating here, this means staggering amounts of money – often in the form of cryptocurrencies – are being lost to cyber criminality,” he said.

“Understanding the current security posture of your business is critical and conducting outdated audits is no longer an effective way of measurement, this will lead to a false sense of protection.

“As the survey results demonstrate, paying out ransoms in response to cyberattacks do not guarantee a successful restoration of data or systems, and it also encourages future attacks. It’s so important that businesses owners become proactive rather than reactive when it comes to protecting their customers, their employees and ultimately their businesses.

“These threats are not going away. A clearly defined and well managed cybersecurity strategy – particularly in an increasingly hybrid working world – is an absolute necessity for businesses of all sizes.”