Skip to main content

Woburn, MA –September 7, 2016 –Kaspersky Lab today released new research from its Corporate IT Security Risks 2016 survey finding that on average a single cryptomalware attack may cost up to $99,000 for small and medium businesses (SMBs) and more than half (67 percent) reported complete or partial loss of corporate data due to cryptomalware.

In March-April 2016 we asked more than 3,000 representatives of small and medium-sized companies how they manage to cope with cryptomalware in the constantly changing landscape of cyber threats. 49 percent of SMBs say they consider cryptomalware to be one of the most serious threats that their organization could face. This type of ransomware has entered the top three digital threats which cause serious concern for companies worldwide.

The total amount of damage caused by a cryptomalware attack can be divided into two parts: the ransom and the related losses. The amount of related damage is, to a large extent, affected by shortcomings in the preventive work of the IT staff (poorly administered systems, outdated or missing backups, unreliable passwords, irregularly updated software, etc.). In fact, one in five cases related to significant data loss occurs due to carelessness or unawareness of the employees.

The damage caused by cryptomalware infection is a combination of a variety of factors:

  • Partial or complete suspension of operations (internal business processes, financial transactions, etc.);
  • The loss of valuable data (financial and project documents, customer or partner databases, etc.);
  • Reputational risks, and more.

Although cybercriminals do not guarantee the return of corporate data when targeting SMBs with cryptomalware attacks, 34 percent of entrepreneurs are desperate to get their critical business data back and admit to paying extortionists the ransom when they previously experienced an attack.

"As we can see, almost one-third of SMBs still believe that paying the ransom is the most cost-effective way of getting their data back,” said Vladimir Zapolyansky, Head of SMB Marketing at Kaspersky Lab. “The reality, however, is that the total damage for companies ends up being much greater and there is still no guarantee of recovering the corporate data in question. As criminals increase their efforts to make money by using cryptomalware, small and medium businesses should take preventative measures to minimize the risk of becoming yet another victim. In order to improve the efficiency of their protection against cyberthreats, we advise SMBs to use dedicated solutions and the advanced technologies.”

If a business has been infected with cryptomalware and the data has been encrypted, Kaspersky Lab experts recommend to check whether this data can be restored with the help of free utilities or decryption keys provided on

The full survey report titled, “The Cost of Cryptomalware: SMBs at Gunpoint” is available at Kaspersky Lab’s website here.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.

Learn more at

For the latest in-depth information on security threat issues and trends, please visit: Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact:
Denise Bertrand

A Single Cryptomalware Attack Can Cost Small and Medium-Sized Businesses up to $99,000

Last year that one average a single cryptomalware attack may cost up to $99,000 on average for small and medium businesses (SMBs) and more than half (67 percent) reported complete or partial loss of corporate data.
Kaspersky Logo