If ransomware doesn’t kill you, the downtime will, says Datto report

Managed services providers are reporting that the downtime cost per incident has increased by nearly 95 per cent from 2019 and a dizzying 486 per cent from 2018, according to a new study.

Datto’s fifth annual Global State of the Channel Ransomware Report featured another in-depth look at the world’s number one malware threat, and interestingly enough, the shocking rise in downtime did not line up with a rise in ransom requests. Ransom requests have actually decreased slightly to $5,600.

It’s unclear why exactly the massive spike in downtime costs occurred.

“This may mean that downtime costs have increased, or it could mean that MSPs are getting better at calculating the real costs of downtime. Either way, it’s clear that MSPs understand that the damage associated with business downtime is far more costly than the actual ransom,” the report noted.




Unfortunately, it appears that small to medium-sized businesses aren’t getting better at calculating the real costs of downtime or even taking the malware threat seriously. There remains a massive disconnect between SMBs and MSPs when it comes to perceptions about ransomware. The majority of of MSPs believe business should be “very concerned” about the threat of ransomware, but only 30 per cent report their clients feel this way.

MSPs have redoubled their efforts to protect data belonging to them and their clients. Forty-six per cent of MSPs now partner with managed security service providers (MSSPs) for IT security assistance—for their clients and their own businesses.

Response is less of a scramble

MSPs have adjusted their recovery methods. Reimaging a machine from backup was this year’s number one ransomware recovery method this year, a major shift from last year’s strategy that leaned on reimaging from default, according to Ryan Weeks, chief information security officer for Datto.

“I’m pleased to see that ‘re-imaging from backup’ was the top method MSPs are using to recover from ransomware attacks. This shows MSPs have matured their recovery methods. Two years ago, MSPs were still dealing with the shock of ransomware, scrambling to put something in place for recovery and largely re-imaging machines from scratch,” he stated in the report. “Last year, they were in the process of changing how they do things, putting the right solutions in place with their customers to minimize downtime and data loss. Now, we are starting to see the results of those efforts manifest in more mature recovery mechanisms.”

More than 90 per cent of MSPs report that clients with business continuity and recovery solutions in place are less likely to experience significant downtime during
a ransomware attack.


This year Datto asked MSPs what industries were most susceptible to ransomware attacks due to COVID-19. Perhaps not
surprisingly, healthcare was in the top spot. Source: fifth annual Global State of the Channel Ransomware Report. Click to enlarge.

Ransomware creeping into SaaS apps

Nearly a quarter of MSPs reported ransomware attacks on clients’ SaaS applications. Microsoft software was hit the hardest, unsurprising due to the number of organizations relying on Microsoft 365.

But ransomware was also rearing its head in Dropbox (54 per cent). A quarter of MSPs reported ransomware attacks in Google Workspace.

Datto’s Global State of the Channel Ransomware Report is comprised of statistics pulled from an online survey of 1,000+ Datto partners that was distributed throughout the month of August 2020.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Alex Coop
Alex Coophttp://www.itwc.ca
Former Editorial Director for IT World Canada and its sister publications.

Related Tech News

Featured Tech Jobs


CDN in your inbox

CDN delivers a critical analysis of the competitive landscape detailing both the challenges and opportunities facing solution providers. CDN's email newsletter details the most important news and commentary from the channel.