'Potentially unsecured' SMBs are propping up an IT supply chain riddled with ransomware
More than half of IT supply chains have been impacted by ransomware attacks in recent years and organisations are failing to implement the necessary steps to prevent future damage


New research has shown that more than half of global organisations have had their supply chains impacted by potentially unsecured SMBs falling victim to ransomware attacks.
Security firm Trend Micro’s report showed that 52% of supply chains have been affected by the threat, and the vast majority of those surveyed (90%) feel that their partners, their customers, or both are making them a “more attractive target” for attacks.
The same proportion of organisations that had ransomware attacks in their supply chains (52%) also said those supply chains are “very significantly” or “significantly” propped up by SMBs that may follow less secure cyber practices.
Despite this, Trend Micro observed that organisations are reluctant to work with their partners to improve security throughout the supply chain.
“We found that 52% of global organisations have had a supply chain organisation hit by ransomware, potentially putting their own systems at risk of compromise”, said Bharat Mistry, technical director at Trend Micro.
“But many aren’t taking steps to improve partner cyber security,” he added. “The first step towards mitigating these risks must be enhanced visibility into and control over the expanding digital attack surface.”
Only 47% of organisations share information about ransomware attacks with partners or suppliers and this figure falls even lower to 25% when it comes to general threat information, the survey results showed.
This led to around one in six (15%) IT leaders reporting that they couldn’t be sure if their partner or supplier had ever suffered a ransomware attack.
Ransomware has topped the list of cyber security threats to businesses for around five years but according to Trend Micro, on average 31% of organisations still don’t feel adequately protected against the threat.
The data from other metrics were largely similar across regions, but confidence in an organisation’s cyber security posture varied substantially when viewed region by region.
Hong Kong was the region with the most confidence in its organisations’ cyber security resilience: of its 102 respondents, just 18% were unconvinced about their security posture, despite the region reporting the greatest proportion of organisations that experienced a ransomware attack in the last three years (83%).
Other regions were more aware of their situation. In Norway, for example, 58% of the 105 surveyed organisations reported a lack of confidence in their cyber security resiliency.
This was a more accurate reflection given that 75% of Norwegian organisations reported at least one ransomware attack in the past three years, a figure on the upper end of average compared to other nations.
Trend Micro said that “there is no silver bullet when it comes to reducing ransomware risk in the supply chain”, but there are several important steps that businesses aren’t currently taking.
“The key is first to gain a comprehensive understanding of the supply chain itself and corresponding data flows so that high-risk suppliers can be identified,” it said.
“They should be regularly audited where possible against industry baseline standards. And similar checks should be enforced before onboarding new suppliers.”
Implementing security controls such as least-privilege policies for all devices and services, enabling multi-factor authentication (MFA), scanning open source components for security flaws before they are built into CI/CD pipelines, and performing regular backups, among others, can all go a long way towards becoming more cyber resilient.

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.