ESET: ransomware attacks can destroy businesses

According to a statement from ESET, an international supplier of business and home security software solutions, the attacks cause great damage: according to the latest report from IBM, the average recovery after a single such attack costs nearly $5 million. The situation is further aggravated by the fact that ransomware often comes in the form of supply chain attacks. An example of this is the 2021 Kaseya incident, where the attack reached numerous organizations around the world by exploiting a vulnerability in the company’s IT management platform. As a reminder: at the end of August 2025, Jaguar Land Rover was hit by a serious cyberattack, forcing the British car manufacturer to shut down for 6 weeks, with an estimated loss of £1.9 billion.

According to the ESET statement, although criminals now attack all industries with ransomware, they pose the greatest threat to small and medium-sized businesses, as shown by the fact that these companies suffer the most damage: according to last year’s Verizon Data Breach Investigations Report, while ransomware causes 39 percent of data leaks in large companies, this rate is 88 percent for small and medium-sized businesses. It was also reported that a third of all damage is related to ransomware or other extortion methods.

The announcement quotes István Csizmazia-Darab, cybersecurity expert at Sicontact Kft., which distributes ESET products, as saying that so-called cyber resilience is no longer just an IT issue, but a business survival strategy. He added that the operation of SMEs, like large companies, depends to a large extent on their data and IT infrastructure, but while large companies are more likely to have tools and policies in place to prevent, detect and neutralize data protection risks, SMEs – in many cases due to the lack of adequate protection – are much more exposed to attacks. Therefore, the threat of permanent data loss and complete business shutdown is often a powerful motivation to pay the ransom, even if there is no guarantee that the business will actually get its data back.

He said that less well-protected small businesses are promising targets for attackers. In fact, by having more digital devices and money than private users, and lower levels of cybersecurity protection than large enterprises, SMEs have long been targeted.

Based on experience, István Csizmazia-Darab said, ransomware groups tend to return to those who have already paid: according to one study, 55 percent of organizations that have paid a ransom once later did so again; Of these, 29 percent paid three or more times.

The expert, analyzing the damage caused, said that when news of a ransomware attack breaks, the public typically hears about the astonishing ransom demands and the legal and ethical dilemmas surrounding the payment, while the attack also involves organizational and human trauma, especially if the incident is accompanied by a data leak and the attackers threaten to make the data public. When systems stop working, business not only comes to a halt, the organization loses money every day, misses out on new opportunities, and its reputation is damaged, while employees also suffer from the situation, as they can lose their jobs overnight; The full recovery process can take months.

István Csizmazia-Darab said regarding prevention that ESET cybersecurity experts recommend that companies install modern protection software before the attack, which is capable of detecting and blocking ransomware even before it is activated, and that companies also regularly perform offline backups separated from the main system.

He added that it is important for organizations to have a disaster scenario that clearly records who will do what in the event of a cyberattack.