Datto report says average cost of downtime due to ransomware highest in Canada

The world’s most prominent malware threat is alive and well, and its devastating financial impact on businesses has only increased, especially in Canada, according to Datto Inc.’s fourth annual Global State of the Channel Ransomware Report.

In 2019, Canada has the highest average cost of downtime related to a ransomware attack at $180,000, according to Datto’s annual survey. Last year, that number was $65,724. More than 1,400 managed service providers (MSPs) responded to the survey, an unknown amount of which were from Canada.

The global average cost of downtime rose by 200 per cent in 2019 to $141, 000, up from $46,800 in 2018, which is 23 times greater than this year’s average amount of ransom request of $5,900. The average cost of ransom also increased by 37 per cent.

Ransomware isn’t going anywhere

Eighty-five per cent of small to medium sized business (SMBs) report ransomware being the greatest malware threat in 2019. CryptoLocker remains the top ransomware variant attacking clients, with 66 per cent MSPs reporting it.

On average, one in five SMBs report that they’ve fallen victim to a ransomware attack. Channel partners play an important role in building the proper defenses, according to the report.

“SMBs who don’t outsource their IT services are more at risk,” the report reads.

Similar to last year, MSPs reported phishing emails, lack of cybersecurity training and weak passwords among the top causes of successful ransomware attacks.

MSPs are underutilizing one of the most basic and effective controls in regards to ransomware preparation – two factor authentication.

“MSPs report enabling 2FA on only 60 per cent of email clients and 61 per cent of password managers, despite the fact that the majority of MSPs (67 per cent) claim phishing emails are the leading cause of ransomware breaches at SMBs,” the report reads.

Windows machines are targeted the most frequently by hackers. Source: Datto Global State of the Channel Ransomware Report.

The report also highlights a disconnect on the significance of ransomware as a threat. Nearly 90 per cent of MSPs reported that it’s important for SMBs to be concerned about this threat. Unfortunately, there’s a strong sense among MSPs that SMBs are taking the threat seriously. Only 28 per cent report SMBs are “very concerned” about ransomware. These numbers are again comparable to last year’s findings, which were 90 per cent and 33 per cent, respectively.

Another important finding of the report is that SMBs are not the only entities being targeted hackers. Four in five MSPs agree that ransomware breaches have been increasingly targeting their own businesses.

“MSPs need to set the tone for their SMB customers when it comes to preparing for and responding to ransomware attacks,” said Ryan Weeks, chief information security officer at Datto, who was quoted in the report. “They need to protect themselves first by improving their organization’s cyber hygiene in order to keep their clients safe. MSPs must adopt 2FA universally for any technology they use to service clients, as well as their own business. In a climate where cyber attacks have become an everyday occurrence, 2FA across all technology solutions is one of the most effective controls to reduce the likelihood of a successful attack.”

No single solution guarantees to prevent such an attack, but business continuity and disaster recovery (BCDR) solutions have been noted to be effective in helping businesses by minimizing the impact of ransomware attacks.

“Ninety-two per cent of MSPs report that their clients with BCDR solutions in place are less likely to experience significant downtime during an attack. In addition, four out of five MSPs state victimized clients with BCDR tools in place recovered from an attack in 24 hours or less, while less than one in five MSP clients without BCDR were able to do the same.”

MSPs need to have an in-depth understanding of a business, detailed preparation, and the availability of most appropriate technologies in order to be able to protect it from ransomware attacks or any other type of cyber attack.

“IT downtime can cripple a small business, making it critical to have a proactive approach to cybersecurity. As ransomware attacks continue to increase in frequency and sophistication, we’ll work directly with our clients to help reduce the risk and impact of an attack,” said Jason Grilo, network operation center manager at Solūt, an MSP based in Edmonton, Canada.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Pragya Sehgal
Pragya Sehgal
Her characters are bold and smart, but in real life, Pragya is afraid of going upstairs when it is dark behind her. Born and raised in the capital city of India - Delhi - bounded by the Yamuna River on the west, Pragya has climbed the Himalayas, and survived medical professional stream in high school without becoming a patient or a doctor. Pragya now makes her home in Canada with her husband - a digital/online marketing professional who also prepares beautiful, healthy and delicious meals for her. When she isn’t working or writing around tech, she’s probably watching art films on Netflix, or wondering whether she should cut her hair short or not.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.