Ransomware is a big problem, but just how big? We didn’t know — until now.
New numbers from Datto’s State of the Channel Ransomware Report illustrate the size and scope of the ransomware problem facing your small and midsize business (SMB) customers.
Datto found that between last year and this year, SMB ransomware victims will pay ransomware hackers an estimated $301 million.
Datto also found that 99% — that’s virtually every one — of managed service providers (MSPs) expect ransomware attacks to increase over the next 2 years.
To get its findings, Datto recently surveyed more than 1,700 MSPs who work with more than 100,000 SMBs around the world. Datto is itself a provider of data-protection solutions.
The resulting report is a must-read for any solution provider serving the SMB market. It includes new statistics and forecasts on ransomware and its impact on businesses, leading variants and targets of these attacks, and best practices and solutions for protecting businesses from ransomware downtime.
The real cost of attacks
The Datto survey finds that approximately 5% of SMBs worldwide have been the victim of a ransomware attack in the past 12 months. That may not seem like a particularly large number — until you realize that represents 1 in 20 SMBs.
Think about your peers, your competitors, your colleagues. You probably know far more than 20 SMBs. Then realize that at least 1 of them has been hit with a ransomware attack this year. That’s staggering.
But one of the biggest financial impacts to most SMBs didn’t come from paying the ransom. It came instead from the downtime and data loss that resulted from the attack itself, Datto found.
> Frequency: 86% of MSPs said their SMB clients have been victimized by a ransomware attack in the past two years. And 15% reported 6 or more attacks affecting their clients in the past year.
More than one in four MSPs (26%) said their clients have faced multiple attacks in a single day.
> Reporting: Amazingly, most ransomware attacks are never reported to authorities. In the years 2015 to 2016, fewer than 1 in 4 SMB ransomware attacks were reported to authorities.
That number improved in the years 2016 to 2017, to slightly less than 1 in 3 attacks being reported. But this still means most attacks are never reported.
> Payment: Slightly more than 1 in 3 MSPs report their small business victims pay the ransom. But 15% of them never recover their data.
> Verticals: Ransomware attackers show no preference for which verticals they’ll attack. The survey found those verticals most targeted include construction, manufacturing, healthcare, professional services and finance.
> Applications: SaaS applications are a growing target for ransomware attacks. Dropbox, Office 365 and G Suite hold particular appeal for attackers.
> Strains: CryptoLocker is the most popular strain of ransomware attacks. WannaCry broke the top 5 most-cited attacks by MSPs.
> Recovery: Ransomware is still smarter than most of today’s popular security solutions. But with a reliable backup and disaster recovery solution in place, 96% of MSPs said their clients recover fully from a ransomware attack.
Now, if someone tells you we'll never know how big a problem ransomware is, you can tell them otherwise.