The world’s most prominent malware threat is alive and well, and its devastating financial impact on businesses has only increased, especially in Canada, according to Datto Inc.’s fourth annual Global State of the Channel Ransomware Report.
In 2019, Canada has the highest average cost of downtime related to a ransomware attack at $180,000, according to Datto’s annual survey. Last year, that number was $65,724. More than 1,400 managed service providers (MSPs) responded to the survey, an unknown amount of which were from Canada.
The global average cost of downtime rose by 200 per cent in 2019 to $141, 000, up from $46,800 in 2018, which is 23 times greater than this year’s average amount of ransom request of $5,900. The average cost of ransom also increased by 37 per cent.
Ransomware isn’t going anywhere
Eighty-five per cent of small to medium sized business (SMBs) report ransomware being the greatest malware threat in 2019. CryptoLocker remains the top ransomware variant attacking clients, with 66 per cent MSPs reporting it.
On average, one in five SMBs report that they’ve fallen victim to a ransomware attack. Channel partners play an important role in building the proper defenses, according to the report.
“SMBs who don’t outsource their IT services are more at risk,” the report reads.
Similar to last year, MSPs reported phishing emails, lack of cybersecurity training and weak passwords among the top causes of successful ransomware attacks.
MSPs are underutilizing one of the most basic and effective controls in regards to ransomware preparation – two factor authentication.
“MSPs report enabling 2FA on only 60 per cent of email clients and 61 per cent of password managers, despite the fact that the majority of MSPs (67 per cent) claim phishing emails are the leading cause of ransomware breaches at SMBs,” the report reads.
The report also highlights a disconnect on the significance of ransomware as a threat. Nearly 90 per cent of MSPs reported that it’s important for SMBs to be concerned about this threat. Unfortunately, there’s a strong sense among MSPs that SMBs are taking the threat seriously. Only 28 per cent report SMBs are “very concerned” about ransomware. These numbers are again comparable to last year’s findings, which were 90 per cent and 33 per cent, respectively.
Another important finding of the report is that SMBs are not the only entities being targeted hackers. Four in five MSPs agree that ransomware breaches have been increasingly targeting their own businesses.
“MSPs need to set the tone for their SMB customers when it comes to preparing for and responding to ransomware attacks,” said Ryan Weeks, chief information security officer at Datto, who was quoted in the report. “They need to protect themselves first by improving their organization’s cyber hygiene in order to keep their clients safe. MSPs must adopt 2FA universally for any technology they use to service clients, as well as their own business. In a climate where cyber attacks have become an everyday occurrence, 2FA across all technology solutions is one of the most effective controls to reduce the likelihood of a successful attack.”
No single solution guarantees to prevent such an attack, but business continuity and disaster recovery (BCDR) solutions have been noted to be effective in helping businesses by minimizing the impact of ransomware attacks.
“Ninety-two per cent of MSPs report that their clients with BCDR solutions in place are less likely to experience significant downtime during an attack. In addition, four out of five MSPs state victimized clients with BCDR tools in place recovered from an attack in 24 hours or less, while less than one in five MSP clients without BCDR were able to do the same.”
MSPs need to have an in-depth understanding of a business, detailed preparation, and the availability of most appropriate technologies in order to be able to protect it from ransomware attacks or any other type of cyber attack.
“IT downtime can cripple a small business, making it critical to have a proactive approach to cybersecurity. As ransomware attacks continue to increase in frequency and sophistication, we’ll work directly with our clients to help reduce the risk and impact of an attack,” said Jason Grilo, network operation center manager at Solūt, an MSP based in Edmonton, Canada.