Datto, Inc., the provider of data protection solutions for businesses around the world, has today released its state of ransomware report to help identify the current levels of ransom-based malware.
With responses gathered from Datto’s channel partner community of 150 Managed Service Providers (MSPs) serving more than one million small- and medium-sized businesses (SMEs) across Europe, the report reveals the current levels of understanding around ransomware and the frequency of attacks.
It found that between 2016 and 2017, ransomware cost European SMEs £71 million in downtime. The average ransom request was between £350 and £1407.
Paying the ransom is still seen by some as the least bad alternative to downtime, with 21% of SMEs handing over cash. However, of those that pay, 18% still don’t regain access to data.
Indeed, 11% of MSPs reported that a ransomware virus remained on an SME’s system after the first attack and struck again at a later time.
Despite ransomware attacks’ increasing frequency, reporting figures remain low – fewer than 33% are disclosed to authorities. This could be due to SMEs’ unwillingness to reveal that they’ve fallen victim.
A lack of cyber security training (45%) and phishing emails (42%) are cited as the leading causes of ransomware attacks.
“Defending against ransomware requires a multi-layered cyber security strategy,” explains Mark Banfield, SVP at Datto. “No single defence is enough – as proven by the number of attacks despite antivirus being in place. Cyber security training needs to be combined with malware blockers and detectors, with a reliable BDR providing the last line of defence.”
Alarmingly, 94% of reported attacks happened despite anti-virus software being present. And crucially, 54% of MSPs reported that SME clients without a reliable backup and disaster recovery solution (BDR) couldn’t make a full recovery after an attack, and 93% revealed that those that had one in place were able to.
Banfield suggests that “the impact of ransomware can be threefold.”
“The combined cost of the ransom, downtime and any reputation damage suffered” can have a potentially business-threatening effect on an SME, “so there needs to be a greater understanding around it. This can be helped by encouraging victims to report attacks, providing authorities with real-life data that can be used to improve general awareness, prevention, detection and prosecution of perpetrators.”
“It’s also alarming that a lack of cyber security training is cited as a reason for ransomware’s growing effectiveness.”
Many SMEs, continues Banfield, take their chances by not even providing basic training, but this simply increases the chances of phishing emails and other social engineering attacks being successful. Businesses must teach employees to identify the red flags.
When SMEs “take regular snapshots of networks, they are able to simply spin up systems from a healthy point should a ransomware attack take hold. Critically, this mitigates having to pay the ransom and the downtime suffered from not having access to critical data.”