Security

Ransomware targets smaller businesses, security CEO warns

Trending cyber attacks such as ransomware may be typically overlooked by small and midsize businesses, but the CEO of security firm Lumension warns that they are actually in the line of fire.

Pat Clawson, Lumension
Pat Clawson

Around the world, ransomware has been proved to be effective in midsized business environments and below, mainly due to the lack of tools available to deal with the attack, said Pat Clawson, chairman and CEO of Lumension, which is based in Scottsdale, Arizona.

"Most corporations have the means to deal with that outright from a technology and people perspective," he said. "However, if it is a ten person business environment, it is going to cost them a lot of money to get the issue resolved."

Clawson admits that it is not uncommon for these smaller businesses to even consider paying the ransom with the hope all of the stolen data returns.

"For that reason, ransomware is more effective when it targets SMBs that do not have the ability to fight it by themselves with technology or people," he said.

Knowledge and power

The benefit that bigger companies have is access to the necessary tools and manpower to take care of the problem, as well as prevent it from happening in the first place.

"The guys who create the ransomware are also smart enough to know where the money is to be made," Clawson said. "Instead of corporations, they tend to target SMBs and individual people that may fall prey to the attack."

In addition to having the necessary tools to combat ransomware, Clawson said corporations have a culture where staff are more aware of the pitfalls of ransomware, if it manages to get through at all.

"Their technology is already catching the ransomware at the gateway," he said. "However, if something does get through, their ability to undo the ransomware is significantly easier than for a private business or single user on their own."

Subscribe to the Security Watch Newsletter

Comments