Ransomware remains the top cyber security risk for SMBs

Datto reveals that the average cost of downtime is now 94% greater than last year

Ransomware still poses the biggest malware threat to small and medium-sized businesses (SMBs), cloud cyber security provider Datto has found.

The findings are part of Datto's fifth annual Global State of the Channel Ransomware Report, which surveyed more than 1,000 MSPs on trends driving ransomware breaches, as well as the impact COVID-19 has had on SMB security.

According to the findings, 60% of MSPs reported that their SMB clients have been hit as of Q3 2020, with the average cost of downtime now 94% greater than last year. The figure was also found to be six times greater than 2018, increasing from $46,000 to $274,000. 

More than half (59%) of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, while 52% said shifting client workloads to the cloud increased security vulnerabilities. In Europe, 42% of MSPs reported that ransomware attacks increased due to remote working.

"The COVID-19 pandemic has accelerated the need for stronger security measures as remote working and cloud applications increase in prevalence," commented Ryan Weeks, Datto’s CISO. 

Globally, healthcare was found to be the most vulnerable industry during the pandemic (59%), while finance and insurance was the most vulnerable in Europe. European MSPs (85%) also reported that their clients suffered more attacks than any other region, with the average cost of downtime continuing to overshadow the actual ransom amount.

In terms of methods, the survey revealed that phishing emails were the most successful form of attack, with 57% of European MSPs reporting it as the top method, while 21% reported attacks on clients’ software as a service (SaaS) applications. 

Windows endpoint systems applications were the most targeted by attackers, with 90% of ransomware attacks targeting Windows PCs across the continent this year, Datto said. 

It’s not just SMB clients that are at risk, either. A massive 95% of MSPs stated that their own businesses are also in danger, with almost half (46%) opting to partner with Managed Security Service Providers to protect both themselves and their clients. 

Related Resource

The essential cyber security toolkit for SMBs

Practical tips for cyber security training

a guide to cyber security for SMBs - Datto whitepaperFree download

SMBs are also upping their security budget to combat the threat, the report revealed, with half the surveyed MSPs reporting that their clients have allocated more funds to protect their business. 

Business continuity and disaster recovery (BCDR) remains the number one solution for combatting ransomware, Datto added, with 91% of MSPs reporting that their clients with BCDR solutions in place are less likely to experience significant downtime during an attack. Employee training and endpoint detection and response platforms came second and third respectively, the report found. 

"Reducing the risk of cyber attacks requires a multi-layered approach rather than a single product – awareness, education, expertise, and purpose-built solutions all play a key role," Weeks added.

"The survey highlights how MSPs are taking the extra step to partner with MSSPs that can offer more security-focused experience, along with a more widespread use of security measures like SSO and 2FA – these are critical strategies businesses and municipalities need to adopt to protect themselves from cyber threats now and in the future."

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Sophos Intercept X Advanced review: AI-powered protection
endpoint security

Sophos Intercept X Advanced review: AI-powered protection

30 Nov 2021
Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
SMBs urged to update software ahead of Black Friday
e commerce

SMBs urged to update software ahead of Black Friday

25 Nov 2021
US adds dozen Chinese tech companies to trade blacklist
Policy & legislation

US adds dozen Chinese tech companies to trade blacklist

25 Nov 2021

Most Popular

Sabbath hackers are targeting US schools and hospitals
ransomware

Sabbath hackers are targeting US schools and hospitals

29 Nov 2021
Apple's mixed reality headset could debut in 2022
augmented reality (AR)

Apple's mixed reality headset could debut in 2022

29 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021