Why Are Small Businesses At Highest Ransomware Risks


Cybersecurity concerns are rampant in India, and recent analysis reveals that small businesses are the easiest targets. A recent report illustrates that of all the cyber breach incidents occurring in India, approximately 43% impact small businesses. In the case of ransomware specifically, it is estimated that between January 2020 and July 2022, around 54% of ransomware attacks targeted small businesses or businesses with 500 or fewer employees. In addition, only 65% of the data is recovered after such incidents. Moreover, only 8% of companies can recover all their data.

These statistics paint a grim picture. However, one does not need to be startled by these reports. Effective cybersecurity policies, together with a resilient and robust crisis mitigation plan for bouncing back if such breaches occur, can be very effective and reduce the impact of these threats. To devise any such strategy, one first needs to understand the root causes of such incidents and analyze the reasons that make small businesses susceptible to these attacks. Once this is known, protection and reparative action can be decided. Taking account of cyber risks to SMBs, Arete recently launched an incident response retainer program to reduce the impact of cyber risks, enabling SMBs to identify malicious threats already in their systems and determine whether any confidential customer information is at risk.

Lesser emphasis on cybersecurity due to operational concerns

Small businesses must invest a lot of energy and resources in day-to-day operations to keep the company afloat. This is understandable and desirable to a large extent. However, because of this, cybersecurity is sometimes neglected, making these organizations an easy target. Cyber incidents are also discovered much later in these companies than in larger companies.

Studies suggest around 48% of the owners of small businesses struggle with data security concerns, and 20% admit to having no cyber resilience plan in place. As a result, SMBs are susceptible to threat actors, who could halt business operations if access to data is denied. They are thus more likely to agree to the ransom demands because of the sense of urgency created.

Attacking small businesses paves the way for accessing larger enterprises

Large companies usually outsource a certain percentage of their work to smaller companies. The channels between these organizations are open, and data travels back and forth between them. This allows threat actors to gain access to, and hold hostage, data that these large organizations require by targeting the smaller players. A survey illustrating this threat shows that 55% of B2B organizations are among those threatened, as opposed to only 36% of B2C businesses, so B2B companies are more likely to be targeted than B2C brands. It is thus safe to say that it is in the interest of larger companies to help build the cybersecurity infrastructure for their collaborating partners.

SMBs are more susceptible to CEO fraud

One of the reasons put forth to explain the greater vulnerability of small businesses to cyber threats is that their employees are more susceptible to CEO fraud. This means they are likely to open and act on emails sent by threat actors posing as the company’s CEO. Thus, dual authorization procedures must be introduced to avoid such incidents.


Incidents of ransomware attacks in India have increased, and threat actors have turned their attention to smaller businesses. This does not mean that SMBs need to be alarmed or taken aback by these figures. Rather, it emphasizes the need to strengthen cybersecurity systems, build cyber resilience, and educate employees, irrespective of the business scale. Remember that timely detection, prompt action, and reparative action are highly important in case of such incidents.

About the author:

Raj Sivaraju is the President, APAC at Arete.