Datto, a Connecticut-based cloud solutions company supporting MSPs, has unveiled its fifth annual Global State of the Channel Ransomware Report. More than 1,000 MSPs weighed in on the impact that COVID-19 has had on the security posture of SMBs, along with other notable trends driving ransomware breaches.
The survey found that ransomware still remains the most common cyber threat to SMBs, with 60% of MSPs reporting that their SMB clients have been hit as of Q3 2020. The impact of such attacks keeps growing: the average cost of downtime is now 94% greater than in 2019, and nearly six times higher than it was in 2018 increasing from $46,800 to $274,200 over the past two years, according to Datto’s research. Phishing, poor user practices, and lack of end user security training continue to be the main causes of successful ransomware attacks.
The survey also found that 95% of MSPs consider their businesses to be more at risk, likely due to increasing sophistication and complexity of ransomware attacks. Almost half (46%) of MSPs now partner with specialized Managed Security Service Providers (MSSPs) for IT security assistance – to protect both their clients and their own businesses.
Half of MSP respondents said their clients had increased their budgets for IT security in 2020, perhaps indicating awareness of the ransomware threat is growing. Downtime costs related to ransomware are now nearly 50X greater than the ransom requested.
Business continuity and disaster recovery (BCDR) remains the number one solution for combating ransomware, with 91% of MSPs reporting that clients with BCDR solutions in place are less likely to experience significant downtime during an attack. Employee training and endpoint detection and response platforms ranked second and third in tackling ransomware.
More than half (59%) of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, and 52% of MSPs reported that shifting client workloads to the cloud increased security vulnerabilities. The survey also determined that healthcare was the most vulnerable industry during the pandemic (59%).
The distributed workforce, brought about by Covid-19, is just the latest factor reinforcing the need for companies to be vigilant with cybersecurity.