Ransomware attacks can cause small and medium-sized businesses significant financial harm, downtime and reputational damage, according to a new report.
Datto Inc’s State of the Channel Ransomware Report says that in 2016/2017 ransomware cost European SMBs (small and medium-sized businesses) £71 million in downtime-related costs, with the average ransom demand being between £350 and £1,407.
Responses were gathered from Datto’s channel partner community of 150 managed service providers (MSPs) serving more than one million SMBs across Europe. The report also reveals that:
- Paying ransoms is still viewed as the least bad option by some, with 21% of businesses handing over cash and 18% of those still not regaining access to data
- 11% of MSPs reported that a ransomware virus remained on the client’s system after the first attack and struck again later
- Despite the increasing frequency of attacks, fewer than 33% are reported to authorities
- 78% of MSPs reported that clients experienced ‘business-threatening’ downtime
- A lack of cybersecurity training (45%) and phishing emails (42%) are cited as the leading causes of ransomware attacks
- 54% of MSPs reported that clients without a reliable backup and disaster recovery plan couldn’t make a full recovery after an attack, while 93% revealed that those that had one were able to do so
“Defending against ransomware requires a multi-layered cybersecurity strategy,” said Mark Banfield, SVP at Datto. “No single defence is enough, as proven by the number of attacks despite antivirus [software] being in place. Cybersecurity training needs to be combined with malware blockers and detectors, with a reliable [backup and disaster recovery solution] providing the last line of defence.
“It’s also alarming that a lack of cybersecurity training is cited as a reason for ransomware’s growing effectiveness,” continued Banfield. “Many SMBs take their chances by not even providing basic training, but this simply increases the chances of phishing emails and other social engineering attacks being successful. Businesses must teach employees to identify the red flags.
“When SMBs take regular snapshots of networks, they are able to simply spin up systems from a healthy point should a ransomware attack take hold. Critically, this mitigates having to pay the ransom and the downtime suffered from not having access to critical data.”