Ransomware as most significant cyber threat to SMBs: study

Ransomware, a kind of malicious software that threatens to make business data inaccessible until a ransom is paid, continues to be the leading cyber-attack experienced by small-to-medium sized businesses (SMBs) over viruses and spyware, according to Datto, Inc.‘s third annual Global State of the Channel Ransomware Report.

The report surveyed 2,400 managed service providers (MSPs) that support the IT needs of nearly half a million SMBs in Singapore, the wider Asia-Pacific region and across the globe.

The report found that more than 55% of MSPs stated their clients experienced a ransomware attack in the first six months of 2018, and 35% said their clients were attacked multiple times in the same day. Ninety-two percent of MSPs predict the number of attacks will continue at current or increased rates.

Antivirus software solutions are just not enough. Eighty-five percent of MSPs reported that ransomware victims had antivirus software installed, 65% reported victims had email/spam filters installed, and 29% reported victims had had pop-up blockers, which failed to block ransomware attacks.

The report also warns that revenue lost to downtime can cripple a small business. The average attack is 10 times more costly to the business than the ransom itself, with attacks costing a business $46,800 on average and the ransom requested averaging $4,300 per attack.

Businesses still failing to report attacks

While the report findings alone are alarming, most businesses don’t report attacks. The survey found that less than one in four ransomware attacks are reported to the authorities.

Businesses using Apple operating systems are increasingly vulnerable, according to the report. There was a fivefold increase in the number of MSPs reporting ransomware attacks on macOS and iOS platforms over the last year.

Commenting, James Bergl, Director, Datto APAC, said: “Ransomware continues to be an issue for businesses across the Asia-Pacific region, and it’s unsurprising that this region also has the highest incident rate for ransomware attacks via SaaS and Android applications, which corresponds to adoption rates in the region.

“Businesses in Singapore and the wider region need to remember that these attacks are happening every day, and as ransomware becomes more affordable on the dark web, it’s likely that attacks will become even more common place. There are immediate steps that companies can and should take to increase IT resilience and prevent against future attacks. Integral to those steps is end-user training, endpoint protection, and an intelligent backup.”

When it comes to protecting small and medium-sized businesses, the report also found that employees need training and education to be the front line of defense. Many ransomware breaches are successful due to phishing attacks, malicious websites, web ads, and clickbait directed at small businesses. Ongoing training for employees to help them remain vigilant is a best practice for small businesses.

Business continuity and disaster recovery (BCDR) technology is deemed the single most effective method for ransomware protection. Ninety percent of MSPs report clients fully recovered from an attack within 24 hours. In addition to BCDR technology, SMBs should work with their MSP to create a ransomware response plan that includes detection, communication, cause assessment, recovery, and prevention.