What Clawson is seeing around the world with ransomware is that is has been proven to be effective in mid-sized business environments and below, mainly due to the lack of tools available to deal with the attack.
“Most corporations have the means to deal with that outright from a technology and people perspective,” he said.
“However, if it is a 10-person business environment, it is going to cost them a lot of money to get the issue resolved.”
Clawson admits that it is not uncommon for these smaller businesses to even consider paying the ransom with the hope all of the stolen data returns.
“For that reason, ransomware is more effective when it targets SMBs that do not have the ability to fight it by themselves with technology or people,” he said.
Knowledge and power
The benefit that bigger companies have is access to the necessary tools and manpower to take care of the problem, as well as prevent it from happening in the first place.
“The guys who create the ransomware are also smart enough to know where the money is to be made,” Clawson said.
“Instead of corporations, they tend to target SMBs and individual people that may fall prey to the attack.”
In addition to having the necessary tools to combat ransomware, Clawson said corporations have a culture where staff are more clued up about the pitfalls ransomware, if it manages to get through at all.
“Their technology is already catching the ransomware at the gateway,” he said.
“However, if something does get through, their ability to undo the ransomware is significantly easier than for a private business or single user on their own.”