Interview: Datto talks ransomware and 'cyber extortion'
Small businesses are increasingly falling victim to not one ransomware attack, but multiple attacks as 'cyber extortion' increases, according to Datto, which is urging the channel to be more proactive in educating customers.
The business continuity and backup and disaster recovery vendor's recent State fo the Channel Ransomware Report – which surveyed 1,700 managed services providers globally, including across Asia Pacific – revealed that businesses paid US$301 million to ransomware hackers last year.
The survey saw 97% of MSPs reporting a 'significant' increase in ransomware attacks in 2017. In Asia Pacific 92% of MSPs surveyed reported ransomware attacks between 2015 and 2017, ahead of the global figure of 86%; with 74% of APAC MSPs also reporting attacks in the first half of 2017 – again ahead of the global average of 59%.
Speaking to ChannelLife, Rob Rae, Datto vice president, says awareness of ransomware among SMBs remains 'very low'.
"The problem is that even in the wake of monumental global attacks like WannaCry and NotPetya, it's always the larger enterprises which have been affected making headlines, rather than SMBs, which means that they are still easy pickings for attackers," Rae says.
"We know from the results [of the Ransomware Report] that although resellers are very aware of this increasing threat, there is still relatively low knowledge, understanding and concern from business owners, with only 38% of SMBs indicating 'some knowledge' of ransomware, compared with 34% last year," he says.
"While large organisations across the world spend millions of dollars investing in cyber security products and training for their teams, SMBs do not have this luxury.
"This is where the channel comes in. There's an opportunity for resellers to bridge this gap, by providing the education necessary to help SMBs fend off attack.
"For resellers, it's a great conversation to have with prospects and an excellent way to provide added value to your current client base," Rae says.
The report shows a 15% increase in the number of repeat attacks targeting the same business multiple times – something Rae calls cyber extortion, and something he says is a worrying trend.
"When SMBs are attacked, it's common for them to panic and pay the ransom to retrieve their data.
"This however is the worst thing you can do, sending the wrong message to attackers. Again, this is where the channel can work to educate business owners," he says.
"SMBs need to stop paying the ransom, and the channel needs to educate them on this point. "When businesses pay the ransom, they confirm that they have money and that they value their data, which is dangerous and could see them being targeted again and again.
"[It's also] important to know that paying the ransom does not mean that you will regain access to your data, in most cases it is the opposite.
So what's the solution?
According to Rae, ransomware continues to outsmart today's top security solutions, something he says makes backup and disaster recovery even more essential.
"The survey results showed that with a reliable backup and recovery solution (BDR) in place, 96% of MSPs reported that clients were able to fully recover from a ransomware attack," he says.
"The truth is, even if businesses apply best practices to limit the impact of ransomware attacks, like backing-up critical files, ensuring they have a good cybersecurity solution in place, and ensuring they are patching their system appropriately, none of these things are going to them restore their systems and get back up and running in the fastest possible way following attack.
"The most effective means for business protection from ransomware is a backup and disaster recovery (BDR) solution, followed by cybersecurity training.