Talion is a finalist for Best SIEM Solution

Talion is a finalist for Best SIEM Solution for the 4th year in a row

Small Businesses Are Also At Risk of Ransomware Attacks – Here’s Why - Talion

We hear about ransomware plastered across the news – JBS paying ransom to save the food supply chain, the attack on the Colonial Pipeline Co. affecting gas supply. Big companies, big ransoms, and big disruption. But a new report is showing that smaller organisations are actually more at risk from a cyber attack than their larger counterparts.

Although small businesses have less revenue, less data and less employees, they are prime targets for ransomware attacks – and here’s why.


Why Do Small Businesses Fall Victim To Ransomware?


Ransomware Gangs Want To Remain In The Shadows

Often, when large businesses fall victim to ransomware attacks, it makes the headlines. There’s the risk of federal law enforcement getting involved or even the National Government, which is inevitable when damaging critical infrastructure, as the detrimental effects are widespread.

Ransomware attacks on small businesses may seem like a rare occurrence, but they are just as prevalent – they simply don’t make the news. Cyber criminals bask in this hidden glory since they can prolong their unknown identity and ultimately stay under the radar. However, the repercussions on small businesses appear as an ignorance to how vital sufficient security really is. If they don’t see their peers and competitors as targets, how can they take their own security seriously?

According to a report by ransomware recovery specialists Coveware, a “tactical shift” has now been introduced by many ransomware gangs, which includes a “deliberate attempt to extort companies that are large enough to pay a ‘big game’ ransom amount but small enough to keep attack operating costs and resulting media and Law Enforcement attention low.” There is a lot more thought behind these attacks than organisations might initially think, so it’s important to stay vigilant.

“You can hit the jackpot once but provoke such a geopolitical conflict that you will be quickly found. It is better to quietly receive stable small sums from mid-sized companies…” – LockBit 2.0 ransomware gang member


Small Businesses Often Lack Sufficient Security/Training

60% of small businesses do not have a cybersecurity policy – that’s a huge percentage. That’s 60% of small businesses that could fall victim to a ransomware attack at any moment, and not have the resources or capabilities to remediate it. Would they be able to survive?

The reason why small businesses are an ideal target for cyber criminals is that security is often not top of their mind. With fewer employees and clients, and a limited amount of money, they may not see cyber-attacks as a cause for concern, or not troubling enough to warrant spending an “expensive” amount on defences.

The problem is that cyber criminals are more than aware of the difference in sophistication of the security defences in a large company than a small one. They are more than happy to exploit the vulnerabilities of a small company, knowing full well they may feel overwhelmed, and would do anything under the sun to save their business, which for many early founders is like a new-born baby.

Small businesses would benefit from appointing a specialist IT expert on their team to manage cybersecurity – this way the team can learn from someone well-versed in incident response, should the need to remediate an attack arise.




This Is What Happened When A Small Business Fell Victim To Ransomware…

Chris, renamed for privacy purposes, works for a European start-up selling high-end products online to customers around the world. He has shared a detailed account of his experience with falling victim to a ransomware attack as a small business owner.

“It started on a normal day. In the afternoon, towards the end of the working day, a few people found that they couldn’t open certain documents. People just assumed that it was a glitch, that they would just turn their computers on the following day and it would be sorted. So, no one really made a big deal about it.”

It was only when the CEO received an email from the hackers that the dread really sunk in. It said: ‘We’ve taken over your server and locked your documents. Pay us €15,000 in cryptocurrency to get them back. As a gesture of goodwill and to prove we can give you the documents back, we will release two documents of your choice.’

Chris said, “After a long, hard deliberation, we made a decision: we weren’t going to pay the hackers, but we were exposed…It was essential that we had security up and running, so we immediately upgraded the antivirus software to the premium, paid versions.”

He described the experience as making him feel “invaded and vulnerable”. This was his business, his baby, and it could all be over because some hackers were after a bit of cash.

Stories like this are more common than we all think – they may not make the headlines, but they still toy with businesses that are at their pivotal moment of growth, slashing away potential as they go. They cost the business more than simply just money.

“A $15,000 ransomware attack could sink a small business – it nearly sank us.” – Chris


How Can A Small Business Take Action To Fight Ransomware?

If you work for a small business and haven’t been prioritising security, you may be wondering what next steps you can take to ensure your company and employees are protected.

Gurmeet Jutla, Vice President of Technology at Uniserve Communications Corporation, says “the best defence against ransomware and other vulnerabilities is to acknowledge that you can be exploited – then educate yourself.”

Accepting that you may fall victim is the first step you can take, because businesses of all sizes should have security awareness training in place, evaluating their security needs and the procedures employees should have in place to strengthen the security posture of the organisation, from reporting phishing attempts, to validating websites, to simply choosing strong passwords.

Jutla advises small businesses owners “who aren’t necessarily tech savvy to obtain consulting help or hire a services partner to manage all the potential complexities.”

Don’t feel as though you have to face the cybersecurity world alone – if it doesn’t come naturally, there is no shame in outsourcing it to achieve the best possible outcome.

Organisations may look to Managed Security Service Providers to take control of the management of their security devices and systems to relieve pressure and achieve faster and more accurate threat detection and response.



Small businesses shouldn’t ignore ransomware thinking it only targets larger organisations – everyone is at risk.

Whilst there are conflicting views for small businesses – Should they pay the ransom? Is security defence worth the money? – it all starts with evaluating your current situation and making an executive decision based on what works best for you.

All we ask is – don’t ignore it.

Ransomware isn’t going anywhere.

Take the appropriate action, and neither is your business.


Discover the benefits of a Managed Detection & Response (MDR) Service for remediating ransomware attacks in our MDR brochure.

For more immediate action, follow our Top 8 Ransomware Mitigation Tactics.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.