Global State of Ransomware Report 2020
Author : Matt Yarranton
27 November 2020

Datto have released their annual Global State of the Channel Ransomware Report for 2020. They have interviewed more than 1000 managed service providers (MSPs) around the world. The report gives details on the state of ransomware from the perspective of the professionals responsible for managing small and medium-sized business (SMB) IT systems.  Here are some of the key findings:

COVID-19 and remote working

The number of ransomware attacks has increased during COVID-19, largely precipitated by people working from home, using personal computers that are not secure and are possibly being shared by an entire family who do not follow the best security practices.

COVID-19 impact on ransomware according to MSPs

Business owners do not see the threats

An interesting statistic in the report is that, while 84% of MSPs believe that SMBs should be very concerned about ransomware, only 30% of SMBs are concerned. The SMB figure was even lower in Europe, at 19%. This indicates a problem regarding awareness within SMBs of the threats. That said, 50% of MSPs report that their clients’ security budget had increased in 2020, most likely because of the COVID-19 pandemic and the increase in home working.

84% of MSPs vs 30% of SMBs said they were concerned about ransomware

Ransomware is becoming more evasive

MSPs report that ransomware is becoming better at evading detection, with 50% of MSPs stating that it got through all security defences. This is largely because cybercriminals use a slightly modified version of their ransomware for each attack so that it avoids detection. Using a multi-layered approach to cybersecurity is more likely to prevent an attack than just using a single solution.
SMBs must assume that it is a case of, not if, but when you will be attacked, and prepare for that eventuality.
Having a defensive in-depth approach, encompassing cybersecurity tools, business continuity and disaster recovery (BCDR) solutions, incident response planning and user awareness training, will give you the best chance of avoiding an attack, and recovering from an attack when it happens.

MSPs report that many of the security solutions used could be bypassed by ransomware

MSPs statistics on which cybersecurity solutions were bypassed by ransomware

Phishing is the number one cause of ransomware attacks

54% of MSPs reported that phishing emails were the leading cause of ransomware attacks amongst their clients. Using security solutions to detect and block phishing emails is important, but not as important as educating your users on how to recognise and report suspected phishing emails.

Top causes of ransomware

Quick recovery minimises impact

Ransomware attacks can have a massive impact on a business’ ability to operate. The biggest consequence of a ransomware attack is the loss of productivity caused by downtime. Having the ability to quickly recover from an attack is key to minimising the impact.  Clients with BCDR solutions and plans are far less likely to experience significant downtime. 91% of MSPs said clients with BCDR were able to recover from a ransomware attack very quickly.
The reputational damage caused by an attack cannot be understated. If your customers think you are not taking care of their data, are they likely to go elsewhere?

Top consequences of ransomware

 

Conclusion

Ransomware is not going away. In fact, each year the numbers increase. This is because it is very profitable for cybercriminals. While they are able to extort money from their victims, they have a business model that is profitable, and they will continue.
While paying the ransom should never be completely discounted in your incident response plan, it is a risky approach as there is no guarantee that the cybercriminals can be trusted to complete their side of the bargain.  Plus, paying cybercriminals only perpetuates the problem.
The best way to protect your business from ransomware is to have a layered approach which comprises cybersecurity awareness training, incident response, cybersecurity tools, and a BCDR solution.
If you are interested in understanding how we can help you to protect your business from ransomware please click this link to arrange a call. We’d be delighted to discuss this with you.

 

 

More Content

How To Secure Your Business When Remote Working

The global COVID-19 crisis means that more people are remote working than ever before.  Businesses rushed to enable their employees to work from anywhere very quickly, which may include access to sensitive company data.  In the rush to stay operational during the...

VIDEO: How to Stay Cyber Safe at Christmas

CHRISTMAS SPECIAL!!! As we are on the countdown to Christmas, today's Tuesday Two Minute Tech Tip is on a (very tenuous) Christmas theme. As we all get ready for the big day we will be thinking of having a few days or even weeks off work and relaxing. Christmas is a...

3 Things You Must Do to Protect Against Ransomware

Ransomware is an increasingly common and devastating cyberattack that can happen to any business. The ransomware attacks that get the most media attention are those on high profile companies, but ransomware attacks on small businesses are increasing too. Many smaller...

VIDEO: How to add your availability to an Outlook Email

Today's Tuesday Two Minute Tech Tip will save you time when arranging meetings. Are you wasting time when trying to book meetings by constantly going back and forth with people trying to find a suitable time? There is a better way to find time for a meeting by using...

VIDEO: How to get the most out of Google searches

Hello everyone! Today's Tuesday Two Minute Tech-tip shows you how to get the best out of your Google searches. Google search is arguably the best in the world and gives us the internet at our fingertips, but it can be hard to find what you are looking for. This tip...

Why you should use a password manager

Introduction It can be difficult to keep track of all of your online passwords, especially if you have multiple accounts for different purposes.  But did you know that there is a way to keep all of your passwords safe and secure? A password manager such as LastPass...

5 Reasons why cybersecurity awareness training is a good investment

Cyber attacks are on the rise. Any business that has experienced any form of internet security breach knows that it can be costly in terms of time and money. The reputation of a business is also at stake if client data is compromised. Cybersecurity is an issue that...

VIDEO: How to align in objects in Microsoft PowerPoint

In today's Tuesday's Two Minute Tech Tip Matt shows you how to align objects in PowerPoint. It can be a pain when trying to align things manually in PowerPoint, but there is a handy little feature that makes this easy. This video will show you how to: 👉 How to quickly...

VIDEO: How to use cross references in Word

Today's Two Minute Tech Tip is another tip for Microsoft Word. If you use Word to write documentation, contracts or any other type of detailed document, then this tip is for you. Usually, when you write such a document, you need to refer to other places in the...

Serious Flaws Discovered in D-Link Routers

Researchers at Fortinet have uncovered serious flaws in four D-Link routers.  The router vulnerabilities were found to allow for remote code execution which means a remote attacker could gain control of your router, snoop on your traffic and redirect your browser to...
Share This