Ransomware is the most important cyber attack suffered by SMEs, according to Datto’s annual Global State of the Channel Ransomware Report. The report surveyed 2,400 managed service providers (MSPs) that support the IT needs of nearly half a million SMEs worldwide.
According to more than 55 percent of MSPs, their customers suffered a ransomware attack in the first half of 2018. 35 percent said that customers were affected several times a day. And 92 percent of MSPs predict that the number of attacks will continue against the same or higher ransoms.
The problem is that antivirus software is not always effective. According to 86 percent of MSPs, the victims had installed such software. 65 percent had e-mail or spam filters installed and 29 percent used pop-up blockers that were unable to block ransomware attacks. And it’s not just Wind0ws devices that are vulnerable: five times as many MSPs have reported attacks on macOS and iOS platforms.
According to the report, the attacks also have major consequences. The average attack would be ten times more expensive for a company than the ransom itself. On average, an attack costs a company $46,800, while the ransom demanded for attacks averages $4,300.
Most companies do not report the attacks. According to the investigation, less than one in four ransomware attacks is reported to the authorities.
In addition to the findings on the attacks, the report also discusses the security of companies and the measures that can be taken. “It’s time for a new approach. Both large and small companies need to have a plan in place in case of a ransomware attack. At least then they know what to do when it happens,” says Ryan Weeks, Chief Information Security Officer of Datto. He identifies a number of steps that businesses can take, such as end-user training, endpoint protection and an intelligent backup solution.
It states that Business Continuity and Distaster Recovery Technology (BCDR) is considered to be the most effective method for protecting against ransomware. 90 percent of MSPs said that customers would fully recover from an attack within 24 hours. It is also important that SMEs work with MSPs to produce an action plan, including detection, communication, cause analysis, recovery and prevention.
Finally, it is recommended that employees be provided with information and trained to form the first line of defence. Many attacks take place via phishing, rogue websites and web advertisements, among other things.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.