Datto Canadian Ransomware Report 2017

Datto Canadian Ransomware Report 2017


Key Findings


Spike in ransomware attacks lead to millions in downtime-related costs for SMBs. In Canada, an estimated 4 percent of small to medium-sized businesses (SMBs) fell victim to the malware from Q2 2016-Q2 2017. The total cost of downtime from these attacks: $5.7 Million.


For SMBs, it’s no longer a question of if, but when. Ransomware incidents are more frequent in 2017 according to 98 percent of MSPs. Eighty-three percent of MSPs cite SMB clients recently victimized by ransomware, 18 percent report six or more SMB clients attacks in the first half of 2017 alone. Thirty-one percent of MSPs cite multiple attacks against clients in a single day.


Ransomware attacks will continue to thrive over the next two years. According to 98 percent of MSPs, the frequency of SMB targeted attacks will continue to increase over the next two years.


More SMBs are reporting attacks to the authorities and fewer are paying the ransom. Less than 28 percent of ransomware attacks are reported by SMB victims to the authorities. Additionally, 32 percent of SMBs pay the ransom. Of those that pay the ransom, 13 percent still never recover the data.


The ransom isn’t what breaks the bank, the downtime and data loss cut the deepest. As a result of a ransomware attack, 70 percent of MSPs report clients experienced business-threatening downtime.


Today’s ransomware hackers are ruthless and greedy. Thirteen percent of MSPs report a ransomware virus remained on an SMB’s system after the first attack and struck again at a later time. One in three MSPs report ransomware encrypted an SMB’s backup, making recovery even more complex.


CryptoLocker is still the most common variant attacking SMBs, but new and aggressive strains pop up every single day. Nearly 85 percent of MSPs who’ve dealt with ransomware report seeing CryptoLocker. Additional common variants include CryptoWall, Locky and WannaCry, which is a new addition to the list.


No industry, operating system, cloud or device is safe from these attacks. Among those industry verticals who are targeted most by ransomware attacks are Construction, Manufacturing and Professional Services. SaaS applications continue to be a growing target for ransomware attacks with Dropbox, Office 365 and G Suite most at risk. Mobile and tablet attacks are also on the rise.


When it comes to ransomware awareness, the majority are still in the dark. While 91 percent of MSP respondents cited they are “highly concerned” about the business threat of ransomware, only 34 percent of SMB clients felt the same. This could be due to the lack of mandatory cybersecurity training across SMBs, which MSPs cite as the leading cause of ransomware infections.


Ransomware outsmarts today’s top security solutions, so backup is essential. MSPs are reporting successful infections despite SMBs having Anti-Virus Software, Email/Spam Filters, Ad Blockers, and regularly updated applications. The #1 most effective means for business protection from ransomware is a backup and disaster recovery (BDR) solution followed by cybersecurity training.


With a reliable backup and disaster recovery solution in place, the majority of SMBs will fully recover from a ransomware infection. With a reliable backup and recovery solution (BDR) in place, 96 percent of MSPs report clients fully recover from ransomware attacks.