Managed services providers are reporting that the downtime cost per incident has increased by nearly 95 per cent from 2019 and a dizzying 486 per cent from 2018, according to a new study.
Datto’s fifth annual Global State of the Channel Ransomware Report featured another in-depth look at the world’s number one malware threat, and interestingly enough, the shocking rise in downtime did not line up with a rise in ransom requests. Ransom requests have actually decreased slightly to $5,600.
It’s unclear why exactly the massive spike in downtime costs occurred.
“This may mean that downtime costs have increased, or it could mean that MSPs are getting better at calculating the real costs of downtime. Either way, it’s clear that MSPs understand that the damage associated with business downtime is far more costly than the actual ransom,” the report noted.
- Datto report says average cost of downtime due to ransomware highest in Canada
- Kaspersky report: Nearly half of employees don’t know how to respond to ransomware attacks
Unfortunately, it appears that small to medium-sized businesses aren’t getting better at calculating the real costs of downtime or even taking the malware threat seriously. There remains a massive disconnect between SMBs and MSPs when it comes to perceptions about ransomware. The majority of of MSPs believe business should be “very concerned” about the threat of ransomware, but only 30 per cent report their clients feel this way.
MSPs have redoubled their efforts to protect data belonging to them and their clients. Forty-six per cent of MSPs now partner with managed security service providers (MSSPs) for IT security assistance—for their clients and their own businesses.
Response is less of a scramble
MSPs have adjusted their recovery methods. Reimaging a machine from backup was this year’s number one ransomware recovery method this year, a major shift from last year’s strategy that leaned on reimaging from default, according to Ryan Weeks, chief information security officer for Datto.
“I’m pleased to see that ‘re-imaging from backup’ was the top method MSPs are using to recover from ransomware attacks. This shows MSPs have matured their recovery methods. Two years ago, MSPs were still dealing with the shock of ransomware, scrambling to put something in place for recovery and largely re-imaging machines from scratch,” he stated in the report. “Last year, they were in the process of changing how they do things, putting the right solutions in place with their customers to minimize downtime and data loss. Now, we are starting to see the results of those efforts manifest in more mature recovery mechanisms.”
More than 90 per cent of MSPs report that clients with business continuity and recovery solutions in place are less likely to experience significant downtime during
a ransomware attack.
Ransomware creeping into SaaS apps
Nearly a quarter of MSPs reported ransomware attacks on clients’ SaaS applications. Microsoft software was hit the hardest, unsurprising due to the number of organizations relying on Microsoft 365.
But ransomware was also rearing its head in Dropbox (54 per cent). A quarter of MSPs reported ransomware attacks in Google Workspace.
Datto’s Global State of the Channel Ransomware Report is comprised of statistics pulled from an online survey of 1,000+ Datto partners that was distributed throughout the month of August 2020.