Global State of Ransomware Report 2020
Author : Matt Yarranton
27 November 2020

Datto have released their annual Global State of the Channel Ransomware Report for 2020. They have interviewed more than 1000 managed service providers (MSPs) around the world. The report gives details on the state of ransomware from the perspective of the professionals responsible for managing small and medium-sized business (SMB) IT systems.  Here are some of the key findings:

COVID-19 and remote working

The number of ransomware attacks has increased during COVID-19, largely precipitated by people working from home, using personal computers that are not secure and are possibly being shared by an entire family who do not follow the best security practices.

COVID-19 impact on ransomware according to MSPs

Business owners do not see the threats

An interesting statistic in the report is that, while 84% of MSPs believe that SMBs should be very concerned about ransomware, only 30% of SMBs are concerned. The SMB figure was even lower in Europe, at 19%. This indicates a problem regarding awareness within SMBs of the threats. That said, 50% of MSPs report that their clients’ security budget had increased in 2020, most likely because of the COVID-19 pandemic and the increase in home working.

84% of MSPs vs 30% of SMBs said they were concerned about ransomware

Ransomware is becoming more evasive

MSPs report that ransomware is becoming better at evading detection, with 50% of MSPs stating that it got through all security defences. This is largely because cybercriminals use a slightly modified version of their ransomware for each attack so that it avoids detection. Using a multi-layered approach to cybersecurity is more likely to prevent an attack than just using a single solution.
SMBs must assume that it is a case of, not if, but when you will be attacked, and prepare for that eventuality.
Having a defensive in-depth approach, encompassing cybersecurity tools, business continuity and disaster recovery (BCDR) solutions, incident response planning and user awareness training, will give you the best chance of avoiding an attack, and recovering from an attack when it happens.

MSPs report that many of the security solutions used could be bypassed by ransomware

MSPs statistics on which cybersecurity solutions were bypassed by ransomware

Phishing is the number one cause of ransomware attacks

54% of MSPs reported that phishing emails were the leading cause of ransomware attacks amongst their clients. Using security solutions to detect and block phishing emails is important, but not as important as educating your users on how to recognise and report suspected phishing emails.

Top causes of ransomware

Quick recovery minimises impact

Ransomware attacks can have a massive impact on a business’ ability to operate. The biggest consequence of a ransomware attack is the loss of productivity caused by downtime. Having the ability to quickly recover from an attack is key to minimising the impact.  Clients with BCDR solutions and plans are far less likely to experience significant downtime. 91% of MSPs said clients with BCDR were able to recover from a ransomware attack very quickly.
The reputational damage caused by an attack cannot be understated. If your customers think you are not taking care of their data, are they likely to go elsewhere?

Top consequences of ransomware

 

Conclusion

Ransomware is not going away. In fact, each year the numbers increase. This is because it is very profitable for cybercriminals. While they are able to extort money from their victims, they have a business model that is profitable, and they will continue.
While paying the ransom should never be completely discounted in your incident response plan, it is a risky approach as there is no guarantee that the cybercriminals can be trusted to complete their side of the bargain.  Plus, paying cybercriminals only perpetuates the problem.
The best way to protect your business from ransomware is to have a layered approach which comprises cybersecurity awareness training, incident response, cybersecurity tools, and a BCDR solution.
If you are interested in understanding how we can help you to protect your business from ransomware please click this link to arrange a call. We’d be delighted to discuss this with you.

 

 

More Content

How To Secure Your Business When Remote Working

The global COVID-19 crisis means that more people are remote working than ever before.  Businesses rushed to enable their employees to work from anywhere very quickly, which may include access to sensitive company data.  In the rush to stay operational during the...

Blisstech Solutions sponsors KEMP’s Virtual Santa Fun Run

In 2020 everything has been different, and the traditional KEMP Hospice Santa Fun Run is no exception.  In a year where so many charity and participation events have been cancelled, it is great to see that this iconic local event is going ahead, albeit in a very...

How to scan a QR code with your phone

As more venues open up for face to face meetings, some are introducing their own track and trace systems using a QR code that you need to scan with your mobile phone. But how? This video explains how to scan a QR code with your phone so you are not trying to figure it...

Why is my computer so slow!?

“Why is my computer so slow?” is a question heard time and time again and is one of the most common computer complaints. There are a variety of reasons that your computer can appear to be running slowly. I say ‘appear’ as it may not actually be your computer that is causing the problem. Read on to find out possible reasons for this problem.

Serious Flaws Discovered in D-Link Routers

Researchers at Fortinet have uncovered serious flaws in four D-Link routers.  The router vulnerabilities were found to allow for remote code execution which means a remote attacker could gain control of your router, snoop on your traffic and redirect your browser to...

Migrate to Microsoft 365 manually using PST files

When you are migrating to Microsoft 365 from an existing email provider, you'll want to migrate the emails, contacts and calendar from your users existing mailboxes to their shiny new Microsoft 365 mailboxes.  The best-case scenario is your provider will migrate you...

Microsoft Remove Delay Windows 10 Updates in version 2004

We recently wrote an article on how to delay Windows 10 updates so that you can wait until issues are resolved before you install new updates.  However, in the Windows 10 2004 update, Microsoft has removed the ability to delay Feature Updates for up to 365 days in the...

Microsoft urge users to patch against critical vulnerability

Microsoft is warning of a recently discovered critical Windows DNS Server vulnerability that is described as “wormable”. DNS (Domain Name Services) is used by computers all over the world to find each other. The Internet could not work without it. Microsoft DNS is...

What’s coming in Windows 11?

Microsoft has just announced (in a typically 'West Coast'​ way) what's coming in Windows 11.  Here is a rundown of what was announced at the event. Windows 11 Interface Design The first impression visually is that it looks kind of like Linux merged with Mac OSx. The...

Why now is a great time to start your own business

"I can accept failure, but I can't accept not trying." - Michael Jordan We are living in unprecedented times.  People are being prevented from leaving their homes and the average worker has been sent to work from home, put on reduced hours, or worse.  It is...
Share This