AU$12.6 million in cyber-attack ransoms were paid by small-to-medium businesses (SMBs) across Australia and New Zealand, according to a recent report by Datto.
The report, ‘Datto's State of the Channel Ransomware Report ANZ', surveyed roughly 100 managed service providers (MSPs) serving nearly 160,000 SMBs in ANZ.
A full 92% of MSPs reported that clients in ANZ were hit by ransomware in the past two years, 8% higher than the global average.
Six or more clients were attacked in the first half of 2017 alone, said 33% of MSPs. Additionally, 35% reported multiple attacks against clients in a single day.
And there is no sign of slowing down - 98% of respondents said that they expect the rate of attacks to increase over the next two years.
55% of the victims never pay the ransom and of those who do, 14% still never manage to recover their data.
The amounts that are requested are relatively mild, an average of $500-$2000, however, 79% of respondents reported that their clients had downtime described as ‘business threatening'.
“Many small businesses don't have the expertise to defend against sophisticated cyber-attacks, nor do they realise the true cost of downtime following an attack,” says Datto ANZ regional director James Bergl.
“That's why cybercriminals know small businesses are a profitable ransomware target: paying the ransom often seems like the lesser of two evils for SMBs faced with absorbing tens of thousands of dollars in downtime.
While you would expect this to be a priority for SMBs, only 31% reported being ‘highly concerned' compared with 88% of MSPs.
Phishing and a lack of cybersecurity training take the top spots of MSPs' blame for why ransomware is successful, which shows opportunities for partners who are able to provide training as a part of their offerings.
On a technological solution front, 92% of MSPs report that ransomware bypassed anti-virus software, 76% that it eluded spam filters, and 71% that having the most up-to-date applications didn't help.
In fact, just 4% of MSPs even recommend an anti-virus as an effective way to protect from ransomware.
So, how can the channel help?
By far the most recommended solution was a backup and recovery (BDR) system (66%), followed by the less tech-heavy approach of having employees properly trained (24%).
This is supported by MSPs reporting that 97% of their clients completely bounce back from a ransomware attack if they have a BDR system in place, while only 48% recover fully if they do not.
“We've seen that preventative security measures are continuing to fail at stopping the devastation caused by ransomware, which is why companies need to ensure they have a business continuity plan to minimise the damage. With a reliable backup and disaster recovery solution in place, businesses can avoid paying the ransom and have their business up and running within minutes,” Bergl adds.
Despite the media coverage and near-constant discussion amongst channel players about the importance of security, many SMBs are still at risk and need the support of partners to keep from being exploited by opportunistic cybercriminals.