sb-au logo
Story image

How can partners help SMBs avoid another $12.6m in ransoms?

07 Mar 2018

AU$12.6 million in cyber-attack ransoms were paid by small-to-medium businesses (SMBs) across Australia and New Zealand, according to a recent report by Datto.

The report, ‘Datto’s State of the Channel Ransomware Report ANZ’, surveyed roughly 100 managed service providers (MSPs) serving nearly 160,000 SMBs in A/NZ.

A full 92% of MSPs reported that clients in A/NZ were hit by ransomware in the past two years, 8% higher than the global average.

Six or more clients were attacked in the first half of 2017 alone, said 33% of MSPs. Additionally, 35% reported multiple attacks against clients in a single day.

And there is no sign of slowing down - 98% of respondents said that they expect the rate of attacks to increase over the next two years.

55% of the victims never pay the ransom and of those who do, 14% still never manage to recover their data.

The amounts that are requested are relatively mild, an average of $500-$2000, however, 79% of respondents reported that their clients had downtime described as ‘business threatening’.

“Many small businesses don’t have the expertise to defend against sophisticated cyber-attacks, nor do they realise the true cost of downtime following an attack,” says Datto A/NZ regional director James Bergl.

“That’s why cybercriminals know small businesses are a profitable ransomware target: paying the ransom often seems like the lesser of two evils for SMBs faced with absorbing tens of thousands of dollars in downtime.”

While you would expect this to be a priority for SMBs, only 31% reported being ‘highly concerned’ compared with 88% of MSPs.

Phishing and a lack of cybersecurity training take the top spots of MSPs' blame for why ransomware is successful, which shows opportunities for partners who are able to provide training as a part of their offerings.

On a technological solution front, 92% of MSPs report that ransomware bypassed anti-virus software, 76% that it eluded spam filters, and 71% that having the most up-to-date applications didn’t help.

In fact, just 4% of MSPs even recommend an anti-virus as an effective way to protect from ransomware.

So, how can the channel help?

By far the most recommended solution was a backup and recovery (BDR) system (66%), followed by the less tech-heavy approach of having employees properly trained (24%).

This is supported by MSPs reporting that 97% of their clients completely bounce back from a ransomware attack if they have a BDR system in place, while only 48% recover fully if they do not.

“We’ve seen that preventative security measures are continuing to fail at stopping the devastation caused by ransomware, which is why companies need to ensure they have a business continuity plan to minimise the damage. With a reliable backup and disaster recovery solution in place, businesses can avoid paying the ransom and have their business up and running within minutes,” Bergl adds.

Despite the media coverage and near-constant discussion amongst channel players about the importance of security, many SMBs are still at risk and need the support of partners to keep from being exploited by opportunistic cybercriminals.

Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
Stone & Chalk and AustCyber confirm strategic merger
"The integration of Stone & Chalk and AustCyber will enable our joint organisation to pursue a resilient and prosperous future not just for founders, enterprise and governments, but for all of Australia.”More
Story image
Endace and Corelight step in to enhance incident response workflows
Endace and Corelight have entered into a strategic partnership to deliver security teams with insights and detailed forensic data to further enable rapid incident response.More
Story image
Y Soft adds to identity verification solution portfolio
Y Soft is adding to its portfolio of identity verification solutions with the release of a new secure identity verification for networked printers.More
Story image
Essential tools for managing user identity and how they impact your bottom line
Customer identity and access management (CIAM) is how companies give their end-users access to their digital properties, as well as how they govern, collect, analyse, and securely store data for those users.More
Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More