Ransomware Just Affected 22% of Small and Medium Organizations

In the last 90 days, Infocyte found that nearly one-quarter of small and mid-market organizations’ networks have encountered Ransomware attacks that made it past their anti-virus and other security software.


  • Nearly three quarters 72% of Infocyte’s customers have multiple unwanted applications or riskware in their environment that took longer than 90 days to remove, which indicates a lower readiness to respond to high-priority threats when they are uncovered.
  • In the last 90 days, Infocyte found more than 32.5K active, malicious threats and artifacts that made it through organizations’ established defensive and preventative controls.
  • A majority 63% of threats identified were classified as riskware, unwanted, or potentially dangerous hacking or admin tools.

“There is still a lot of work to be done to improve the threat readiness of small and mid-market organizations to modern cyber threats,” said Curtis Hutcheson, CEO at Infocyte. “However, armed with the right detection and incident response platform, small and mid-sized companies’ security teams can close gaps in their defenses, proactively identifying and responding to hidden threats and vulnerabilities before they cause damage.”

Curtis Hutcheson, CEO at Infocyte

Infocyte’s report revealed that dwell time, the number of days an attacker is present on a victim network, remains a major problem for small and mid-sized organizations.

  • The average dwell time for confirmed, non-riskware persistent threats for small and mid-sized organizations is 798 days, far in excess of the reported dwell times in other industry threat reports.
  • More than half 54% of small and mid-sized organizations have non-riskware threats dwelling longer than 30 days.
  • Infocyte also found evidence of long-dwelling threats that have remained active since 2009 on some older systems.
  • Infocyte discovered that the dwell time for lower priority threats was much longer for small and mid-sized organizations, averaging 869 days of dwell time, with the longest being 5-10 years. In addition, 72 percent of networks had unwanted applications lasting longer than 90 days.

“Infocyte’s findings should be a wake-up call for SMBs that are overly confident in their organization’s cybersecurity posture. The reality is that many lack the resources, technology, expertise, and visibility to protect their organizations, let alone their customers’ and partners’ data. The long dwell times reported by Infocyte indicate SMBs are at a higher risk of compromise than their larger enterprise counterparts,” said Aaron Sherrill, Senior Analyst at 451 Research. “While modern cybersecurity threats that evade legacy preventative and detection tools are a growing security gap for SMBs, many are unable to remediate the threats they do know about in a reasonable timeframe.”

We have put together cybersecurity best practices for every organization. We urge you to read the document and live by it.

Learn about the latest in everything you need! Cybersecuritythe Channel, IT, IOT, Edge, AI, SD-WAN, and the Future of Work at the world’s only MSP Expo, part of the ITEXPO #TechSuperShow, Feb 12-14, 2020 Fort Lauderdale, FL.


Share via
Copy link
Powered by Social Snap