Small businesses are becoming bigger targets as cyberattacks decrease

The rate of ransomware attacks is slowing as demands go unpaid, according to Coalition.

(Credit: Yurii Kibalnik/Adobe Stock)

Overall cyber incidents are down and ransomware attacks are on the decline as more demands are refuted, according to Coalition, Inc., which reported ransomware demands decreased from $1.37 million in 2021’s second half to $896,000 in the first half of 2022.

“Organizations are increasingly aware of the threat ransomware poses. They have started to implement controls such as offline data backups that allow them to refuse to pay the ransom and restore operations through other means,” Chris Hendricks, Coalition’s head of incident response, says in a release. “As ransomware is on the decline, attackers are turning to reliable methods. Phishing, for example, has skyrocketed – and only continues to grow.”

While ransomware has dipped, phishing attacks increased during the first half, growing 32% compared with the same period year prior, Coalition reports. During the first two quarters of 2022, phishing accounted for nearly 60% of reported claims.

Despite a slowing of ransomware demands and overall incidents, small businesses (under $25 million in revenue) are becoming bigger targets. During the first half of 2022, the average cost of a claim for a small business increased 58% compared with the first half of 2021, Coalition reports.

Read more: Where should small businesses begin with cybersecurity?

“Across industries, we continue to see high-profile attacks targeting organizations with weak or exposed infrastructure — which has become exacerbated by today’s remote working culture and companies’ dependence on third-party vendors,” Catherine Lyle, Coalition’s head of claims, says in a release. “Small businesses are especially vulnerable because they often lack resources. For these businesses, avoiding downtime and disruption is essential, and they must understand that Active Insurance is accessible.”