A new report from Malwarebytes released today shows a dramatic increase in the number of malware attacks U.S. small businesses face. In fact, 90 percent of small to medium sized businesses reported increased malware detection in Q1 2017 over Q1 2016. A 500 percent increase in ransomware alone was detected in March of this year in ten states.
Ransomware Attacks Are Increasing
All 50 states suffered through a spike in malware detections. In other alarming news, 15 states had their total number of incidents quadruple. Small Business Trends talked with Adam Kujawa, Director of Malware Intelligence at Malwarebytes and Justin Dolly, EVP, Chief Security Officer and CIO of Malwarebytes. They talked about the latest trends and the types of threats to small businesses highlighted in the report.
Big Problem in the Small Business World
“Ransomware has been a big problem in the SMB world and that has not changed,” Kujawa says. “We’ve seen a 231 percent increase in incidences between Q1 2016 and Q1 2017.”
Adware is another persistent threat to small business. Kujawa says this is the most prolific malware businesses need to battle at least in part because it constantly changes to evade detection. Arizona had the most striking numbers with a year over year increase of 1774.42 percent. Maine, Alaska and Hawaii followed suit with exponential increases.
Small Businesses Vulnerable
Small businesses are left especially vulnerable. They often don’t have the money to buy the more involved solutions bigger companies and corporations have. Kujawa says cybercriminals are well aware of this small business Achilles Heel. They often exploit it through creating “spoof” emails that pose as legitimate third party vendors and even banks. These phony emails often contain the malware that gets activated when opened.
“The most prevalent method of distributing malware is through email,” Kujawa says, adding it’s also a common method for small businesses to reach out to third parties.
A Layered Approach
Dolly suggests one way for small businesses to combat malware is to understand how to get to the root of the problem. He says having a layered approach to stay ahead of malware variations works. Taking advantage of the latest technology is an important part of the mix.
“For example,” he says, ” a cloud platform should allow small to medium sized businesses to manage all of the end points that could have malware bytes installed.”
High Risk Industries
According to the report, Maine had the the highest rate of malware detection per 100 endpoints. Some of the highest risk industries included retail, tourism and healthcare. These endpoints refer to the laptops, desktops, smartphones and other devices that connect to a network.
The report’s data was collected from millions of small to medium sized business computers protected by products from Malwarebytes. There were four types of malware studied — spyware, ransomware, adware and botnets. The study ran from January 1, 2016 to March 31, 2017.