5 Ransomware Trends all Businesses Should Know

Datto recently surveyed over 2,400 of our managed service provider (MSP) partners who serve small to medium-sized businesses, or SMBs, around the world with the best in enterprise-level technology.

Ryan Weeks, Chief Information Security Officer, Datto, Inc.
Author: Datto CISO Ryan Weeks

We published the key findings in Datto’s annual State of the Channel Ransomware Report. By surveying our partners – our greatest resource – we gathered a wealth of information and knowledge on the subject. With this data, we are hoping to provide the IT Channel with a new perspective on ransomware by highlighting the prevalence, behaviors, turrets, and impact on SMBs.

Ransomware: 5 Key Statistics and Findings to Know

Here’s a snapshot of some statistics from the report that all businesses should be aware of:

1. Ransomware attacks continue to climb. From Q2 2016 - Q2 2018, 79 percent of MSPs report ransomware attacks against customers. In the first six months of 2018 alone, 55 percent report ransomware attacks against clients. 92 percent of MSPs predict the number of ransomware attacks will continue at current rates or even potentially worse.

2. In the first half of 2018, an alarming 35 percent of MSPs report clients suffered multiple attacks in a single day (up from 26 percent, year-over-year).

3. On average, MSPs report over five attacks against clients per year. However, only about 24 percent of those attacks are reported to authorities, meaning the problem is much larger than we actually know.

4. MSPs rank phishing emails as the top ransomware delivery method followed by malicious websites, web ads, and clickbait.

5. The cost of downtime is 10 times higher than the ransom demanded per incident. MSPs report the average requested ransom for SMBs is ~$4,300 while the average cost of downtime related to a ransomware attack is ~$46,800

Ransomware Mitigation for MSPs

So what are businesses to do? MSPs ranked business continuity and disaster recovery, or BCDR, solutions as the number one solution to avoid downtime. Additionally, 90 percent of MSPs report clients fully recovered from an attack within 24 hours if they had a BCDR solution in place.

Enabling SMBs with the right solutions is just one piece of a ransomware defense plan. MSPs should work to regularly educate their clients about ransomware trends. After all, many ransomware infections are successful due to phishing attacks, malicious websites, web ads, and clickbait directed at small businesses. Educating SMBs will help them serve as the first line of defense when ransomware tries to break through the gates.

For more statistics and best practices, check out the full report: Datto’s Global State of the Channel Ransomware Report.

Ryan Weeks is chief information security officer at Datto Inc. Read more Datto blogs here.