Cost of Downtime from Ransomware Nearly Doubles this Year
The increasing cost of downtime puts the ransomware epidemic in perspective.
November 17, 2020
The cost of downtime from ransomware attacks has skyrocketed this year, now 50 times the ransom amount demanded by cybercriminals.
That’s according to Datto’s fifth annual Global State of the Channel Ransomware Report. More than 1,000 MSPs weighed in on the impact COVID-19 has had on the security of SMBs. It also covers other notable trends driving ransomware breaches.
The survey found that ransomware remains the most common cyber threat to SMBs. Sixty percent of MSPs said SMB clients have been hit as of the end of the third quarter.
The impact of such attacks keeps growing. The average cost of downtime is now 94% greater than in 2019. And it’s nearly six times higher than it was in 2018. The number has jumped from $46,800 to $274,200 over the past two years.
Phishing, poor user practices, and lack of end-user training continue to be the main reasons ransomware attacks are successful.
Ryan Weeks is Datto’s CISO. He said the rate at which the cost of downtime is increasing “really puts the ransomware epidemic in perspective.”
“These numbers point to the importance of having a business continuity plan as well as the security tools in place to safeguard against such devastating and costly attacks,” he said.
The survey also revealed:
Ninety-five percent of MSPs said their own businesses are more at risk. This is likely due to increasing sophistication and complexity of ransomware attacks. Nearly half of MSPs now partner with MSSPs for IT assistance to protect their clients and their own businesses.
SMBs are spending more on security. One-half of MSPs said their clients increased their budgets for IT security in 2020. This likely indicates growing awareness of the ransomware threat.
Business continuity and disaster recovery (BCDR) remains the No. 1 solution for combating ransomware. Ninety-one percent of MSPs said clients with BCDR in place are less likely to experience significant downtime during an attack. Employee training, and endpoint detection and response platforms ranked second and third in tackling ransomware.
“We are seeing more risk for health care organizations,” Weeks said. “While this is likely in part due to the current pandemic, we’re also finding that attackers are after more than just ransom payouts. They want intellectual property, too. This is a newer challenge for health care institutions to navigate as they manage sensitive information around vaccine trials and patient data.”
In addition, election security remained in the spotlight for much of 2020, he said.
“Ransomware had its fair share of election-related news this year, prompting many agencies and institutions to pay close attention to their systems,” Weeks said. “While these organizations are typically on high alert, this year’s election created additional hurdles. Perhaps most notably, security experts were able to take down the servers behind Trickbot, an enormous malware network that criminals were using to launch other cyberattacks, including a strain of highly potent ransomware. Officials believed that this attack could have indirectly affected election infrastructure if allowed to continue.”
COVID-19 Brings More Attacks
Many MSPs reported the number of ransomware attacks and security vulnerabilities increased during COVID-19, Weeks said. That’s due to the increase in remote work and cloud computing.
“However, it is worth pointing out that it wasn’t an overwhelming increase, but more of an even split between those who saw an increase and those who did not,” he said. “This implies that ransomware has been and will continue to be a problem for organizations. And the pandemic simply accelerated the rate at which we are seeing attacks.”
Increased risk is due to user carelessness and security vulnerabilities associated with bring-your-own-device policies, Weeks said.
“With the many changes that arose in 2020 (i.e., remote work, health risks, etc.), organizations lowered their guard in order to address new challenges resulting in increased risk,” he said. “Additionally, personal devices have been introduced to corporate/business environments despite objections. And finally, there are significant additional remote work security threats, from device theft to family members using corporate machines for personal work/study.”
Top Ransomware Attacks
The top three ways ransomware is attacking entities are phishing emails, SaaS applications and Windows endpoint systems applications.
The report does show progress in the fight against ransomware, Weeks said.
“Organizations are putting spend behind the right tools to defend against ransomware threats,” he said.
“Now more than ever, organizations need to be vigilant in their approach to cybersecurity, especially in the health care industry, as it’s managing and handling the most sensitive (and for criminals the most valuable) private data,” said Travis Lass, president of Xlcon, a Phoenix-based MSP. “The majority of our clients are small health care clinics with no in-house IT. As ransomware attacks continue to increase, it’s critical we do everything we can to support them by arming them with best-in-class technology that will fend off malicious attackers looking to take advantage of the already fragile state of the health care industry.”