Global State of Ransomware Report 2020
Author : Matt Yarranton
27 November 2020

Datto have released their annual Global State of the Channel Ransomware Report for 2020. They have interviewed more than 1000 managed service providers (MSPs) around the world. The report gives details on the state of ransomware from the perspective of the professionals responsible for managing small and medium-sized business (SMB) IT systems.  Here are some of the key findings:

COVID-19 and remote working

The number of ransomware attacks has increased during COVID-19, largely precipitated by people working from home, using personal computers that are not secure and are possibly being shared by an entire family who do not follow the best security practices.

COVID-19 impact on ransomware according to MSPs

Business owners do not see the threats

An interesting statistic in the report is that, while 84% of MSPs believe that SMBs should be very concerned about ransomware, only 30% of SMBs are concerned. The SMB figure was even lower in Europe, at 19%. This indicates a problem regarding awareness within SMBs of the threats. That said, 50% of MSPs report that their clients’ security budget had increased in 2020, most likely because of the COVID-19 pandemic and the increase in home working.

84% of MSPs vs 30% of SMBs said they were concerned about ransomware

Ransomware is becoming more evasive

MSPs report that ransomware is becoming better at evading detection, with 50% of MSPs stating that it got through all security defences. This is largely because cybercriminals use a slightly modified version of their ransomware for each attack so that it avoids detection. Using a multi-layered approach to cybersecurity is more likely to prevent an attack than just using a single solution.
SMBs must assume that it is a case of, not if, but when you will be attacked, and prepare for that eventuality.
Having a defensive in-depth approach, encompassing cybersecurity tools, business continuity and disaster recovery (BCDR) solutions, incident response planning and user awareness training, will give you the best chance of avoiding an attack, and recovering from an attack when it happens.

MSPs report that many of the security solutions used could be bypassed by ransomware

MSPs statistics on which cybersecurity solutions were bypassed by ransomware

Phishing is the number one cause of ransomware attacks

54% of MSPs reported that phishing emails were the leading cause of ransomware attacks amongst their clients. Using security solutions to detect and block phishing emails is important, but not as important as educating your users on how to recognise and report suspected phishing emails.

Top causes of ransomware

Quick recovery minimises impact

Ransomware attacks can have a massive impact on a business’ ability to operate. The biggest consequence of a ransomware attack is the loss of productivity caused by downtime. Having the ability to quickly recover from an attack is key to minimising the impact.  Clients with BCDR solutions and plans are far less likely to experience significant downtime. 91% of MSPs said clients with BCDR were able to recover from a ransomware attack very quickly.
The reputational damage caused by an attack cannot be understated. If your customers think you are not taking care of their data, are they likely to go elsewhere?

Top consequences of ransomware

 

Conclusion

Ransomware is not going away. In fact, each year the numbers increase. This is because it is very profitable for cybercriminals. While they are able to extort money from their victims, they have a business model that is profitable, and they will continue.
While paying the ransom should never be completely discounted in your incident response plan, it is a risky approach as there is no guarantee that the cybercriminals can be trusted to complete their side of the bargain.  Plus, paying cybercriminals only perpetuates the problem.
The best way to protect your business from ransomware is to have a layered approach which comprises cybersecurity awareness training, incident response, cybersecurity tools, and a BCDR solution.
If you are interested in understanding how we can help you to protect your business from ransomware please click this link to arrange a call. We’d be delighted to discuss this with you.

 

 

More Content

6 ways to make your small business look professional

When you start out in business, one of the hardest things to do is find new clients.  Most customers will not buy from you unless they trust you, and trust usually comes from reputation.  But how do you gain people's trust if you are new and don't have much of a...

Homeworking is bad for IT security

A new homeworking security report from CyberArk has surveyed 3000 remote office workers and IT professionals. It finds that increased homeworking, resulting from the 2020 pandemic, could be bad news for a company’s IT security posture. It has uncovered several...

Why the Cloud is not backup

Cloud computing has revolutionised the way businesses work.  Companies that utilise the cloud will have coped the best with COVID-19 imposed restrictions.  Whether forced to by circumstance or not, businesses are moving from the traditional server in the office to...

Why now is a great time to start your own business

"I can accept failure, but I can't accept not trying." - Michael Jordan We are living in unprecedented times.  People are being prevented from leaving their homes and the average worker has been sent to work from home, put on reduced hours, or worse.  It is...

IT Security Still Top Concern For SMBs

A new report from Kaseya reveals that IT Security is still the top concern for small and medium-sized businesses.  The “2019 State of IT Operations for Small and Midsize Businesses” survey took input from more than 400 global respondents and reveals that 32% of...

Is Your Business Ready for Coronavirus Lockdown?

With the COVID-19 coronavirus continuing to spread in the UK, and Italy and China placing lockdowns on their towns and cities, it seems likely that the UK will follow suit if the outbreak continues apace.  Experts have stated today that the spread of the virus in the...

Microsoft urge users to patch against critical vulnerability

Microsoft is warning of a recently discovered critical Windows DNS Server vulnerability that is described as “wormable”. DNS (Domain Name Services) is used by computers all over the world to find each other. The Internet could not work without it. Microsoft DNS is...

Serious Flaws Discovered in D-Link Routers

Researchers at Fortinet have uncovered serious flaws in four D-Link routers.  The router vulnerabilities were found to allow for remote code execution which means a remote attacker could gain control of your router, snoop on your traffic and redirect your browser to...

How to use MS Teams to replace your file server

You all know MS Teams as a video conferencing tool, but do you know about all of its other cool features? One such feature enables businesses to replace file servers, allowing users to work from anywhere and collaborate on documents in real-time.  This video shows you...

Is Your Business Ready for Another COVID-19 Lockdown?

Given the rapid rise in cases over the past few weeks, another lockdown was inevitable. Employers and employees alike will now be used to a 'new normal' where we are encouraged to work from home. During the last lockdown, we all learned that it is possible for us to...
Share This