An annual ransomware report published by Datto, shows the recent incline in ransomware related downtime effecting small and medium sized businesses (SMBs). The survey showed that the most common cyber threat to SMBs remains due to ransomware. Nearly 60% of Managed Service Providers (MSPs) reported that their SMB clients have been effected as of Q3 in 2020.
The financial impact these attacks impose is steadily growing. The average cost of ransomware associated downtime is now 94 percent greater than in 2019, and nearly six times higher than it was in 2018 increasing from $46,800 to $274,200 over the past two years. The main causes of these ransomware attacks continue to include phishing, poor user practices, and lack of end user security training.
Datto’s key findings in this report are:
MSPs a target: 95 percent of MSPs state that their own businesses are more at risk. This is probably due to the increasing sophistication and complexity of ransomware attacks, almost half (46 percent) of MSPs now partner with specialized Managed Security Service Providers (MSSPs) for IT security assistance – to protect both their clients and their own businesses.
SMBs spend more on security: 50 percent of MSPs said their clients had increased their budgets for IT security in 2020, perhaps indicating awareness of the ransomware threat is growing.
Average cost of downtime continues to overshadow actual ransom amount: Downtime costs related to ransomware are now nearly 50X greater than the ransom requested.
Business continuity and disaster recovery remain the best way to combat ransomware associated downtime: 91 percent of MSPs reporting that clients with business continuity and disaster recovery solutions in place are less likely to experience significant downtime during an attack. Employee training and endpoint detection and response platforms ranked second and third in tackling ransomware.
During the pandemic, the move to remote working and the accelerated adoption of cloud applications have increased security risks for businesses. More than half (59 percent) of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, and 52 percent of MSPs reported that shifting client workloads to the cloud increased security vulnerabilities. As a result, SMBs need to take precautions to avoid the costly disruptions that occur in the aftermath of an attack. The survey also determined that healthcare was the most vulnerable industry during the pandemic (59 percent).
The survey revealed the top three ways ransomware is attacking entities:
Phishing emails. 54 percent of MSPs report these as the most successful ransomware attack vector. The social engineering tactics used to deceive victims have become very sophisticated, making it vital for SMBs to offer extensive and consistent end user security education that goes beyond the basics of identifying phishing attacks.
Software-as-a-Service (SaaS) applications. Nearly one in four MSPs reported ransomware attacks on clients’ SaaS applications, with Microsoft being hit the hardest at 64 percent. These attacks mean that SMBs must consider the vulnerability of their cloud applications when planning their IT security measures and budgets.
Windows endpoint systems applications. These are the most targeted by hackers, with 91 percent of ransomware attacks targeting Windows PCs this year. Download Datto’s Global State of the Channel Ransomware Report
The best way to secure sensitive data is to understand what is sensitive in your data, set rules for handling it, implement technical controls to ensure it is actually handled properly, and educate your users about their role in keeping it safe. At VoDaVi, we believe that technology should support and enhance your organization’s success, not constrain it. With our wide range of best-in-class security services, we provide customized solutions that fit your unique IT needs. We’re committed to excelling at our job so you can focus on doing yours. Schedule a Network Assessment today to get started!
Contact us:
Comments