Cost of ransomware related downtime nearly doubles since 2019 according to new report
- Published: Wednesday, 18 November 2020 08:59
Datto has published its fifth annual Global State of the Channel Ransomware Report, which provides the views of more than 1,000 MSPs on the security posture of small and medium sized businesses (SMBs), along with other notable trends driving ransomware breaches.
The survey found that ransomware still remains the most common cyber threat to SMBs, with 60 percent of MSPs reporting that their SMB clients have been hit as of Q3 2020. The impact of such attacks keeps growing: the average cost of ransomware associated downtime is now 94 percent greater than in 2019, and nearly six times higher than it was in 2018 increasing from $46,800 to $274,200 over the past two years. Phishing, poor user practices, and lack of end user security training continue to be the main causes of successful ransomware attacks.
Other key findings highlighted in the report are:
- MSPs a target: 95 percent of MSPs state that their own businesses are more at risk. This is probably due to the increasing sophistication and complexity of ransomware attacks, almost half (46 percent) of MSPs now partner with specialized Managed Security Service Providers (MSSPs) for IT security assistance – to protect both their clients and their own businesses.
- SMBs spend more on security: 50 percent of MSPs said their clients had increased their budgets for IT security in 2020, perhaps indicating awareness of the ransomware threat is growing.
- Average cost of downtime continues to overshadow actual ransom amount: Downtime costs related to ransomware are now nearly 50X greater than the ransom requested.
- Business continuity and disaster recovery remain the best way to combat ransomware associated downtime: 91 percent of MSPs reporting that clients with business continuity and disaster recovery solutions in place are less likely to experience significant downtime during an attack. Employee training and endpoint detection and response platforms ranked second and third in tackling ransomware.
- During the pandemic, the move to remote working and the accelerated adoption of cloud applications have increased security risks for businesses. More than half (59 percent) of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, and 52 percent of MSPs reported that shifting client workloads to the cloud increased security vulnerabilities. As a result, SMBs need to take precautions to avoid the costly disruptions that occur in the aftermath of an attack. The survey also determined that healthcare was the most vulnerable industry during the pandemic (59 percent).
The survey revealed the top three ways ransomware is attacking entities:
- Phishing emails. 54 percent of MSPs report these as the most successful ransomware attack vector. The social engineering tactics used to deceive victims have become very sophisticated, making it vital for SMBs to offer extensive and consistent end user security education that goes beyond the basics of identifying phishing attacks.
- Software-as-a-Service (SaaS) applications. Nearly one in four MSPs reported ransomware attacks on clients’ SaaS applications, with Microsoft being hit the hardest at 64 percent. These attacks mean that SMBs must consider the vulnerability of their cloud applications when planning their IT security measures and budgets.
- Windows endpoint systems applications. These are the most targeted by hackers, with 91 percent of ransomware attacks targeting Windows PCs this year.
Obtain the State of the Channel Ransomware Report.