Ransomware remains the top cyber security risk for SMBs

Datto reveals that the average cost of downtime is now 94% greater than last year

Ransomware still poses the biggest malware threat to small and medium-sized businesses (SMBs), cloud cyber security provider Datto has found.

The findings are part of Datto's fifth annual Global State of the Channel Ransomware Report, which surveyed more than 1,000 MSPs on trends driving ransomware breaches, as well as the impact COVID-19 has had on SMB security.

According to the findings, 60% of MSPs reported that their SMB clients have been hit as of Q3 2020, with the average cost of downtime now 94% greater than last year. The figure was also found to be six times greater than 2018, increasing from $46,000 to $274,000. 

More than half (59%) of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, while 52% said shifting client workloads to the cloud increased security vulnerabilities. In Europe, 42% of MSPs reported that ransomware attacks increased due to remote working.

"The COVID-19 pandemic has accelerated the need for stronger security measures as remote working and cloud applications increase in prevalence," commented Ryan Weeks, Datto’s CISO. 

Globally, healthcare was found to be the most vulnerable industry during the pandemic (59%), while finance and insurance was the most vulnerable in Europe. European MSPs (85%) also reported that their clients suffered more attacks than any other region, with the average cost of downtime continuing to overshadow the actual ransom amount.

In terms of methods, the survey revealed that phishing emails were the most successful form of attack, with 57% of European MSPs reporting it as the top method, while 21% reported attacks on clients’ software as a service (SaaS) applications. 

Windows endpoint systems applications were the most targeted by attackers, with 90% of ransomware attacks targeting Windows PCs across the continent this year, Datto said. 

It’s not just SMB clients that are at risk, either. A massive 95% of MSPs stated that their own businesses are also in danger, with almost half (46%) opting to partner with Managed Security Service Providers to protect both themselves and their clients. 

Related Resource

The essential cyber security toolkit for SMBs

Practical tips for cyber security training

a guide to cyber security for SMBs - Datto whitepaperDownload now

SMBs are also upping their security budget to combat the threat, the report revealed, with half the surveyed MSPs reporting that their clients have allocated more funds to protect their business. 

Business continuity and disaster recovery (BCDR) remains the number one solution for combatting ransomware, Datto added, with 91% of MSPs reporting that their clients with BCDR solutions in place are less likely to experience significant downtime during an attack. Employee training and endpoint detection and response platforms came second and third respectively, the report found. 

"Reducing the risk of cyber attacks requires a multi-layered approach rather than a single product – awareness, education, expertise, and purpose-built solutions all play a key role," Weeks added.

"The survey highlights how MSPs are taking the extra step to partner with MSSPs that can offer more security-focused experience, along with a more widespread use of security measures like SSO and 2FA – these are critical strategies businesses and municipalities need to adopt to protect themselves from cyber threats now and in the future."

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

9 Apr 2021
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021
US, UK say Russia was behind SolarWinds hack
cyber attacks

US, UK say Russia was behind SolarWinds hack

16 Apr 2021
Biden looks to shore up the electrical grid’s cyber security
Security

Biden looks to shore up the electrical grid’s cyber security

15 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget
Mobile Phones

Xiaomi Redmi Note 10 Pro review: Champagne tastes on a lemonade budget

13 Apr 2021