RANSOMWARE ATTACKS AND THEIR IMPACT ON SMALL BUSINESSES: TRENDS, VULNERABILITIES, AND PROTECTIVE MEASURES

Abstract

Ransomware attacks have emerged as a significant and escalating threat to small businesses worldwide, compromising sensitive data and disrupting operations. While existing research largely emphasizes large enterprises, a critical gap persists in understanding the disproportionate impact on small businesses that lack the resources for comprehensive cybersecurity defenses. This study addresses this gap by employing a mixed-method approach, combining a systematic review of recent ransomware incidents with survey data from small business owners in Nigeria. The findings reveal that small businesses are particularly vulnerable due to inadequate security measures, limited cybersecurity awareness, and reliance on outdated technology. Notably, the study uncovers patterns of attack vectors and organizational weaknesses specific to smaller enterprises, which have been underexplored in prior research. To combat this growing menace, the paper proposes a practical resilience framework centered on proactive protective measures, including regular data backups, employee cybersecurity training, and the deployment of cost-effective next-generation security tools. By bridging this research gap, the study contributes actionable insights that can help small businesses safeguard their assets and ensure operational continuity in the face of ransomware threats.