SlideShare a Scribd company logo

Ransomware 2020 Report

F
Fortis

The document is Datto's annual report on ransomware trends based on a survey of over 1,000 MSPs. Some key findings include: - Ransomware remains the #1 malware threat, impacting nearly 70% of MSP clients. Phishing emails are the top attack vector. - The average ransom demand stayed around $5,600 but downtime costs have risen significantly, averaging $274,200 per incident. - While opinions vary, around half of MSPs saw increased attacks due to remote work during COVID-19, with healthcare most at risk. - There remains a disconnect between MSP and client concerns about ransomware, though more clients are boosting security budgets.

Business
1 of 25
Download to read offline
ii Datto’s Global State of the Channel Ransomware Report Introduction Key Findings COVID-19 and Security A Variety of Malware Targeting SMBs Ransomware Still a Major Challenge for MSPs Ransomware Awareness Ransomware Continues to Skirt Cybersecurity Efforts SMBs Keep Taking The Bait The Aftermath of Attacks Downtime Far More Costly Than Ransom Still Locking (After All These Years) Industries Most Susceptible to Ransomware 1 2 3 4 5 7 8 9 10 11 12 13 Table of Contents Hackers Aren’t Only Targeting SMBs… Almost Half Of MSPs Partner With MSSPs Windows Endpoint Systems Applications Most Targeted by Hackers Ransomware Creeps Into SaaS Apps Most Common Ransomware Recovery Methods BCDR Clients Are Less Likely to Experience Significant Downtime Final Takeaways 14 15 16 17 18 20 22
1 Datto’s Global State of the Channel Ransomware Report Introduction Datto’s Annual Global State of the Channel Ransomware Report comprises statistics pulled from a survey of more than 1,000 managed service providers (MSPs) around the world. The report provides unique visibility into the state of ransomware from the perspective of the IT channel and their small and medium business (SMB) clients who are dealing with these infections on a daily basis. The report provides a wealth of detail on ransomware, including year-over-year trends, frequency, targets, impact, and recommendations for ensuring recovery and continuity in the face of this growing threat. With respect to the current climate, the report also covers the impact that COVID-19 and the increase in remote work and cloud computing has had on ransomware trends. The goal of this report is to help shed light on the current cybersecurity landscape businesses are facing. At Datto, we believe there is no limit to what small and medium businesses can achieve with the right technology. We hope the information compiled here educates your team and encourages you to work with an MSP to mitigate the risk ransomware poses on your organization.
Key Findings Ransomware is still the number one malware threat. Nearly 70% of MSPs report ransomware as the most common malware threat to SMBs. COVID-19 has had an impact on security — but not as much as you might think. MSPs were split on the security impact of the global pandemic. The ransomware disconnect between MSPs and SMBs remains. 84% of MSPs are ‘very concerned’ about ransomware, but only 30% report that their clients feel the same. SMBs aren’t the only businesses being targeted. 95% of MSPs agree that their own businesses are increasingly being targeted with attacks. Phishing emails top the successful attack vector list. Lack of cybersecurity education, weak passwords, and poor user practices are among the other top causes of ransomware. The aftermath of an attack is nothing nice. 62% of MSPs said clients’ productivity was impacted due to attacks, and 39% said their clients experienced business-threatening downtime. The average ransom requested by hackers stayed roughly the same year-over-year. MSPs report the average requested ransom for SMBs is $5,600 per incident, compared to $5,900 last year. MSPs report that the average cost of downtime is 94% greater than it was in 2019. Downtime costs are nearly 50X greater than the ransom requested in 2020. 91% of MSPs report that clients with BCDR solutions in place are less likely to experience significant downtime during a ransomware attack. 92% of MSPs predict ransomware attacks will continue at current, or worse, rates. 1 6 2 7 3 8 4 9 5 10 2 Datto’s Global State of the Channel Ransomware Report
3 Datto’s Global State of the Channel Ransomware Report COVID-19 and Security Many MSPs reported that the number of ransomware attacks and security vulnerabilities increased during COVID-19 due to an increase in remote work and cloud computing. However, it is worth pointing out that it wasn’t an overwhelming increase—more of an even split between those who saw an increase and those who did not. North American MSPs are somewhat more concerned about cloud security than their European and Asia Pacific counterparts. North America Europe Asia Pacific Increased risk can be attributed to user carelessness and security vulnerabilities associated with BYOD, according to respondents. “The risk comes from users lowering their guard as there are so many other things that have changed—health risks, working from home, etc,” said one MSP. of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks. of MSPs reported that shifting client workloads to the cloud came with increased security vulnerabilities. 59% 52% 55% 42% 47% “[Personal devices] have been introduced to corporate/business environments despite objections re: security policies/endpoint protection, etc. Additionally, there are significant additional remote work security threats, from device theft to family members using corporate machines for personal work/study,” said another. MSPs report healthcare as the most vulnerable industry during the pandemic (59%), followed by finance/insurance (50%), and government (45%). A Mixed Bag GEO T RE N DS
Datto’s Global State of the Channel Ransomware Report A Variety of Malware Targeting SMBs In the last two years, MSPs report the following types of malware have affected clients: Among the malware threats impacting SMBs, ransomware is still at the top of the heap. However, it’s far from the only threat on their plate. Viruses, adware, spyware, and remote access trojans rounded out the top five. Cryptojacking, hot last year, cooled considerably, dropping 15 percentage points. This tracks with mainstream reports that cryptojacking is in decline as hackers have grown impatient with slow returns on coin mining. *Survey respondents were able to select multiple answer choices. 4 Exploit kits 11% Spyware 44% Viruses 56% Ransomware 68% Adware 53% Worms 15% Rootkits 13% Cryptojacking 16% Keyloggers 11% Remote access trojans 19%
Ransomware Still a Major Challenge for MSPs Ransomware continues to plague MSPs and the SMBs they serve. However, respondents reported a slight decline in the frequency of attacks. 78% of MSPs reported attacks on their clients in the past two years, down from 85% last year. That being said, ransomware is still a very real threat with 60% of MSPs seeing attacks in the first half of 2020. It is worth noting that the general disruption of COVID-19 and resulting economic downturn may have impacted the frequency of attacks on the SMBs that MSPs serve. This is purely speculative, and outside of the research conducted for this report. However, it will be interesting to see whether MSPs report an uptick in ransomware attacks as the global economy continues to recover. European MSPs report that their clients suffered more attacks than any other region. MSPs believe that will be the case. Nearly all respondents said they expect ransomware attacks will rise in the upcoming year. of MSPs report attacks against SMBs in the last two years of MSPs report attacks against SMBs in 2020 alone of MSPs predict attacks will increase in the next year of MSPs report that clients suffered multiple attacks in a single day 78% 60% 92% 11% North America Europe Asia Pacific GEO T RE N DS 79% 77% 85% 5 Datto’s Global State of the Channel Ransomware Report
Ransomware is not going away, but attackers may have shifted their focus temporarily to other revenue streams during COVID-19. If you think of ransomware like a ‘business’ that needs to respond to changing market conditions, it makes sense for those attackers to focus on more stable sources of revenue, like larger enterprises, during an economic downturn. Enterprises both represent a larger ‘return on investment’ to hackers and are more resilient to fluctuations in the economy. Ransomware is a numbers game, and larger companies simply represent a better target in tough economic times. Ryan Weeks Chief Information Security Officer, Datto, Inc. 6 Datto’s Global State of the Channel Ransomware Report
7 Datto’s Global State of the Channel Ransomware Report Ransomware Awareness SMB Security Budgets on the Rise There is still a disconnect between SMBs and MSPs when it comes to perceptions about ransomware. The majority of MSPs believe businesses should be “very concerned” about the threat of ransomware, but only 30% report their clients feel this way. However, it appears that SMBs are beginning to understand how damaging ransomware attacks can be. 32% of MSPs report clients are “moderately concerned” and 34% say clients are “somewhat concerned”. In addition to the growing awareness above, increased IT security spending shows that SMBs are beginning to take ransomware, and security in general, seriously. The slight decline in ransomware attacks this year might also indicate that these security efforts are having a positive impact. Compared to their North American and Asia Pacific counterparts, fewer European MSPs said their clients feel “very concerned” about ransomware attacks. North America Europe Asia Pacific of MSPs report SMBs are “very concerned” about ransomware of MSPs report SMBs should be “very concerned” about ransomware of MSPs said their clients increased budget for IT security in 2020. 30% 50% 84% SMBs vs. MSPs 31% 19% 33% GEO TREN DS
Ransomware Continues to Skirt Cybersecurity Efforts Despite increased security spending, MSPs report that ransomware averted cybersecurity efforts including employee education, antivirus, email filtering, pop-up blockers, and endpoint detection solutions. Of them, 50% said ransomware averted antivirus/anti-malware solutions. When asked about which antivirus/anti-malware solutions specifically, MSPs said: Ransomware is able to get around these solutions because the cybercriminals frequently modify their malware to avoid detection. What’s worse, the social engineering tactics criminals use to dupe victims have become very sophisticated and hard to detect—even with security education (more on that below). That’s why a multilayered approach to ransomware that includes business continuity is so important. Security software and training are essential to prevent attacks before they happen. Business continuity enables organizations to resume normal operations quickly if security measures fail. Anti-malware filtering (email-, network-, and web-based) Legacy signature-based antivirus Endpoint detection and response NextGen anti-virus 59% 42% 24% 12% 8 Datto’s Global State of the Channel Ransomware Report
Datto’s Global State of the Channel Ransomware Report SMBs Keep Taking the Bait As noted above, end user education is an essential piece of an effective ransomware protection strategy. This year’s survey results bear that out: phishing, poor user practices, and lack of end user cybersecurity training were the three most common causes of successful ransomware breaches. So, it is important to note that security training must go beyond just how to identify phishing attacks. While phishing topped the list, weak passwords, open RDP access, and a host of other user errors were also to blame for breaches. Leading causes of ransomware attacks reported by MSPs: *Survey respondents were asked to select three answer choices. Phishing emails Poor user practices/gullibility Lack of cybersecurity training Weak passwords/access management Open RDP access Clickbait Malicious websites Lost/stolen user credentials Lack of funding for IT security solutions Lack of executive buy-in for adopting security solutions 54% 27% 26% 21% 20% 17% 14% 10% 8% 8% 9 60
Datto’s Global State of the Channel Ransomware Report The Aftermath of Attacks Ransomware attacks can result in considerable business downtime, because breaches are rarely limited to a single computer. Most of the ransomware in use today is designed to crawl business networks, looking for additional machines to infect. If the malware goes undetected, it doesn’t take long for numerous user devices, servers, and even data in SaaS applications to become encrypted. Restores can be time consuming, especially using traditional backup tools. So, it makes sense that loss of business productivity and business-threatening downtime were at the top of the list of ransomware results. It also explains why nearly 20% of MSPs reported that SMBs were forced to pay a ransom in order to return to normal business. All of this highlights the need for a business continuity solution that enables SMBs to return to work fast. *Survey respondents were asked to select three answer choices. Consequences resulting from ransomware attacks reported by MSPs: 10 Loss of business productivity Stolen data Business-threatening downtime Hackers threatened to publicize data if ransom went unpaid Lost data and/or device Ransomware remained on system, struck again! Decreased customer profitability Failure to meet SLA requirements Clients paid ransom and recovered data Failure to achieve regulatory compliance Damaged reputation Paid a ransom but data was never released 24% 28% 39% 62% 6% 6% 10% 13% 19% 4% 17% 4% 70 70
Downtime Far More Costly than Ransom When it comes to ransomware attacks, MSPs report the cost of downtime is nearly 50X greater than the ransom requested. *All survey respondents answered in U.S. dollars. Average Ransom in... Average Cost of Downtime in... 2018 $4,300 2019 $5,900 2020 $5,600 MSPs report the average cost of ransom stayed roughly the same in 2020 as it was in 2019. So while there has been a slight decline in the frequency of attacks, hackers are still demanding a high ransom payment. We saw a big uptick in average ransom from 2018 to 2019, when the demands increased by 37%. MSPs reported that the average downtime cost per incident has increased by 94% from 2019 and a staggering 486% from 2018. So, what does this mean exactly? Well, on face value it means that downtime costs are higher than reported two years ago, obviously. This may mean that downtime costs have increased, or it could mean that MSPs are getting better at calculating the real costs of downtime. Either way, it’s clear that MSPs understand that the damage associated with business downtime is far more costly than the actual ransom. Downtime costs vary widely among businesses and these numbers are based on MSP estimates. To calculate the cost of potential downtime for your business, check out our Recovery Time and Downtime Cost Calculator. 11 Datto’s Global State of the Channel Ransomware Report Region North America $6,200 $308,900 Europe $3,500 $185,800 Asia Pacific $4,400 $257,000 Ransom Downtime GEO TRE N DS 2018 $46,800 2019 $141,000 2020 $274,200 2020: Ransom vs. Downtime Costs
Datto’s Global State of the Channel Ransomware Report For the 5th consecutive year in a row, MSPs reported CryptoLocker as the top ransomware variant impacting their clients (52%). WannaCry was next on the list at 26%, followed by Cryptowall (16%) and Locky (13%). Interestingly, 33% of respondents said they weren’t sure what kind of ransomware they dealt with. This is important to note for two reasons. First, the type of ransomware ultimately doesn’t really matter—every type can result in business downtime. Second, the methods MSPs use to combat ransomware and recover following attacks are the same regardless of the strain. *Survey respondents were able to select multiple answer choices. 0 10 20 30 40 50 60 Still Locking (After All These Years) 12 CryptoLocker 52% WannaCry 26% Cryptowall 16% Locky 13% Emotet 10% Petya 7% CryptXXX 7% TeslaCrypt 6% notPetya 5% TorrentLocker 4% CBT Locker 3% CoinVault 3% CrySis 3% Wallet 2% Osiris 2% Not sure what type 33%
Datto’s Global State of the Channel Ransomware Report Industries Most Susceptible to Ransomware This year we asked MSPs what industries were most susceptible to ransomware attacks due to COVID-19. Perhaps not surprisingly, healthcare was in the top spot. 59% of MSPs said they believed healthcare to be the most vulnerable. Hackers are well known for staging attacks against victims that are already compromised in some way. So, it makes sense that cyber criminals would go after healthcare organizations during a global pandemic. Finance/insurance was in the second slot (50%) and Government in third (45%). These verticals were also seriously impacted by the pandemic for obvious reasons. Outside of the top three, the rest of the list looks fairly similar to previous years’ results. *Survey respondents were able to select multiple answer choices. 13 0 10 20 30 40 50 60 70 Construction/ Manufacturing 59% Professional Services 50% Finance/Insurance 45% 41% Legal 36% Non-Profit 35% Retail 35% Real Estate Other 29% Travel/ Transportation 29% Architecture/Design 27% Consumer Products 25% Government 23% Education 22% Media/ Entertainment 22% Energy/ Utilities 22% Telecom High Technology 18% 17% 7% Industries most susceptible to ransomware due to COVID-19: Healthcare
Hackers Aren’t Only Targeting SMBs… 2FA and SSO Use 95% of respondents agreed that MSPs are being increasingly targeted by ransomware attacks. This is likely due to a number of high profile attacks on SMBs in recent memory. In attacks like these, hackers use MSP credentials to access and spread ransomware to their clients. In other words, by compromising an MSP, cybercriminals get more bang for their buck. MSPs are taking the threat seriously. More than half are now using password management and multi-factor authentication tools, as you will see below. 44% reported that they are using an identity provider for Single Sign-on (SSO). Microsoft Azure Active Directory was by far the top choice of SSO identity providers among respondents. 47% of MSPs said they use Azure AD for SSO. Of that 44%, nearly 70% use the same provider for two-factor authentication (2FA). 14 Datto’s Global State of the Channel Ransomware Report
Datto’s Global State of the Channel Ransomware Report Almost Half of MSPs Partner with MSSPs 46% of MSPs now partner with managed security service providers (MSSPs) for assistance with IT security—for their clients and their own businesses. In fact, the number one reason MSPs reported doing so was to improve their own security preparedness— another sign that MSPs are taking the possibility of attacks on their own businesses seriously. Ultimately, partnering with an MSSP boils down to accessing expert guidance. IT security is a broad, complex discipline which requires specialization to develop expertise. MSSPs have it, and MSPs need it. *Survey respondents were able to select multiple answer choices. To boost cybersecurity/ ransomware preparedness at my MSP To better understand available and effective security technologies To reduce cyber risk to my business For cybersecurity solution sales To educate my staff through experience and exposure A pathway to transforming my MSP to an MSSP To share cyber risk with another organization Other 15 0 20 10 30 40 50 60 54% 10% 22% 23% 35% 45% 45% 47% 46% of MSPs now partner with MSSPs for assistance with IT security MSPs that partner with MSSPs cited the following reasons:
Datto’s Global State of the Channel Ransomware Report Windows Endpoint Systems Applications Most Targeted by Hackers 91% of ransomware attacks targeted Windows PCs this year, according to MSPs. This tracks with phishing emails being the number one attack vector and the sheer number of Windows PCs in use today. It also highlights the need for endpoint protection and backup solutions. Ransomware attacks on these systems have a significant impact on user productivity, and in turn, a business’ ability to generate revenue. Solutions that allow employees to return to work quickly following attacks should be considered essential. Windows Servers followed at 76%. That’s because ransomware may enter a network via a phishing email, but as noted above, it doesn’t take long before the malware spreads across networks to infect other systems. A business continuity solution that can recover server workloads locally or in the cloud is critical to minimize business interruption following a ransomware attack. *Survey respondents were able to select multiple answer choices. Windows PCs Windows Tablet Android Windows Server Apple MacOS Apple iOS Endpoint systems most targeted by ransomware attacks: 91% 8% 6% 76% 7% 4% 16
Ransomware Creeps Into SaaS Apps Nearly 1 in 4 MSPs reported ransomware attacks on clients’ SaaS applications. Of them, Microsoft was hit the hardest. This isn’t particularly surprising, since so many organizations rely on Microsoft 365. It was somewhat surprising, however, to see that more than half saw ransomware in Dropbox. Google Workspace rounded out the top three at 25%. *Survey respondents were able to select multiple answer choices. of MSPs report attacks within Microsoft 365 of MSPs report attacks within Dropbox of MSPs report attacks within Google Workspace 64% 25% 54% 17 Datto’s Global State of the Channel Ransomware Report
18 Datto’s Global State of the Channel Ransomware Report Most Common Ransomware Recovery Methods Re-imaging a machine from a backup was the number one ransomware recovery method this year. This is a significant change from last year, when re-imaging from default took the top spot. This year that was in the third spot tied with virtualizing the system from a backup image. *Survey respondents were able to select multiple answer choices. Restore a machine from a backup Restore from files Re-image from default Virtualize the system from a backup image Run software to cleanup threat Paid ransom 76% 36% 27% 33% 15% 31%
I’m pleased to see that ‘re-imaging from backup’ was the top method MSPs are using to recover from ransomware attacks. This shows MSPs have matured their recovery methods. Two years ago, MSPs were still dealing with the shock of ransomware, scrambling to put something in place for recovery and largely re-imaging machines from scratch. Last year, they were in the process of changing how they do things, putting the right solutions in place with their customers to minimize downtime and data loss. Now, we are starting to see results of those efforts manifest in more mature recovery mechanisms. Ryan Weeks Chief Information Security Officer, Datto, Inc. 19 Datto’s Global State of the Channel Ransomware Report
Datto’s Global State of the Channel Ransomware Report BCDR Clients Are Less Likely To Experience Significant Downtime Most Effective Solutions to Combat Ransomware Business continuity and disaster recovery (BCDR) Employee training Patch management Unified threat management Antivirus / Anti-malware software Email / Spam filters Browser isolation Endpoint detection and response platform Identity access management solution Endpoint / Mobile management platform 20 of MSPs said clients with BCDR products in place are less likely to experience significant downtime from ransomware. 91%
21 Datto’s Global State of the Channel Ransomware Report We require Datto SIRIS as a minimum for all our clients as one of the security/continuity layers we put in place. To me, it’s just as important as cybersecurity insurance. When talking to prospects about BCDR, we discuss ransomware detection and remediation in addition to sharing stories about how quickly we have gotten clients running on local failover. Recently, a local police station we support experienced server failure, and we were able to get them back up and running in just minutes with Datto SIRIS. Brian J. Weiss CEO, ITECH Solutions 21 Datto’s Global State of the Channel Ransomware Report
Final Takeaways Ransomware awareness seems to be increasing. Across the board, there were indicators that MSPs and SMBs are taking steps to combat ransomware attacks. And, their efforts are having an impact. While still the most common type of malware attack, ransomware attacks declined slightly from last year. Increased SMB security spending, MSPs partnering with MSSPs, and use of security measures like SSO and 2FA all point to an increase in security awareness. SMBs need multiple solutions to combat attacks. Today’s standard security solutions alone are no match for today’s ransomware, which can penetrate organizations through phishing attacks and avert detection from security solutions. Reducing the risk of infections requires a multi-layered approach rather than a single product. SMBs must prepare the front line of defense: their employees. Today’s companies must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid potential attacks. While attacks declined slightly this year, phishing attacks remained the most successful attack vector, followed by a number of other employee errors that could be mitigated with better security training. SMBs need a continuity strategy. Once again, survey data shows that there is no surefire way of preventing ransomware attacks, even with proper security solutions in place. That’s why business continuity was ranked the number one solution to combat attacks again this year. Since ransomware is designed to spread across networks and SaaS applications, endpoint and SaaS backup solutions designed for fast restores are critical. 1 3 2 4 22 Datto’s Global State of the Channel Ransomware Report
Datto’s Global State of the Channel Ransomware Report Datto.com About the Report Datto’s Global State of the Channel Ransomware Report is comprised of statistics pulled from an online survey of 1,000+ Datto partners that was distributed throughout the month of August 2020. About Datto As the world’s leading provider of cloud-based software and technology solutions purpose-built for delivery by managed service providers (MSPs), Datto believes there is no limit to what small and medium businesses can achieve with the right technology. Datto offers Unified Continuity, Networking, and Business Management solutions and has created a unique ecosystem of MSP partners. These partners provide Datto solutions to over one million businesses across the globe. Since its founding in 2007, Datto continues to win awards each year for its rapid growth, product excellence, superior technical support, and for fostering an outstanding workplace. With headquarters in Norwalk, Connecticut, Datto has global offices in the United Kingdom, Netherlands, Denmark, Germany, Canada, Australia, China, and Singapore. Copyright © 2020 Datto Inc. All rights reserved. For more information: Phone: 916-235-4200 Email: sales@fortistelecom.net https://fortistelecom.net

Recommended

Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityUmairFirdous
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware EventArt Ocain
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetInnovation Network Technologies: InNet
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyVeriato
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...SaraPia5
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 

Recommended

Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityUmairFirdous
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware EventArt Ocain
 
Cylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetCylance Ransomware-Remediation & Prevention Consulting Data-sheet
Cylance Ransomware-Remediation & Prevention Consulting Data-sheetInnovation Network Technologies: InNet
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyVeriato
 
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...
TIC-TOC: Ransomware: Help your Customers be Prepared with Dominique Singer an...SaraPia5
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
10 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 202110 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 2021insightscare
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessStorage Switzerland
 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughMartin Opsahl
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterSpanning Cloud Apps
 
Cisa ransomware guide
Cisa ransomware guideCisa ransomware guide
Cisa ransomware guideanpapathanasiou
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatETech 7
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceTom K
 
Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.marketingunitrends
 
How to Take the Ransom Out of Ransomware
How to Take the Ransom Out of RansomwareHow to Take the Ransom Out of Ransomware
How to Take the Ransom Out of Ransomwaremarketingunitrends
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]Stanton Viaduc
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions ErnestStaats
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRNetpluz Asia Pte Ltd
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020Netpluz Asia Pte Ltd
 
The Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryQuest
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsDavid Sweigert
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Cloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-decCloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-decgusbarrett
 

More Related Content

What's hot

10 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 202110 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 2021insightscare
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessStorage Switzerland
 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughMartin Opsahl
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterSpanning Cloud Apps
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatETech 7
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceTom K
 
Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.marketingunitrends
 
How to Take the Ransom Out of Ransomware
How to Take the Ransom Out of RansomwareHow to Take the Ransom Out of Ransomware
How to Take the Ransom Out of Ransomwaremarketingunitrends
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowIBM Security
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]Stanton Viaduc
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions ErnestStaats
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRNetpluz Asia Pte Ltd
 
The Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryQuest
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsDavid Sweigert
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
 

What's hot (20)

10 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 202110 best cybersecurity companies in healthcare for 2021
10 best cybersecurity companies in healthcare for 2021
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
 
Triangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enoughTriangulum - Ransomware Evolved - Why your backups arent good enough
Triangulum - Ransomware Evolved - Why your backups arent good enough
 
How to Recover from a Ransomware Disaster
How to Recover from a Ransomware DisasterHow to Recover from a Ransomware Disaster
How to Recover from a Ransomware Disaster
 
Cisa ransomware guide
Cisa ransomware guideCisa ransomware guide
Cisa ransomware guide
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest ThreatIT security in 2021: Why Ransomware Is Still The Biggest Threat
IT security in 2021: Why Ransomware Is Still The Biggest Threat
 
Cyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General AudienceCyber Kill Chain Deck for General Audience
Cyber Kill Chain Deck for General Audience
 
Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.Ransomware Detection: Don’t Pay Up. Backup.
Ransomware Detection: Don’t Pay Up. Backup.
 
How to Take the Ransom Out of Ransomware
How to Take the Ransom Out of RansomwareHow to Take the Ransom Out of Ransomware
How to Take the Ransom Out of Ransomware
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chain
 
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
HOW TO PREPARE FOR AND RESPOND TO A RANDSOMWARE ATTACK [Webinar]
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDR
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020
 
The Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup StoryThe Cost of Doing Nothing: A Ransomware Backup Story
The Cost of Doing Nothing: A Ransomware Backup Story
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber Criminals
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security Teams
 

Similar to Ransomware 2020 Report

Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Cloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-decCloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-decgusbarrett
 
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...CMR WORLD TECH
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data ProtectionDatto
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enBankir_Ru
 
CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfKrishna N
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfDetecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfMoney 2Conf
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security reportMarco Antonio Agnese
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationMaaz Ahmed Shaikh
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessIndusfacePvtLtd
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise The Economist Media Businesses
 
Topsec email security 2016
Topsec email security 2016Topsec email security 2016
Topsec email security 2016Nathan CAVRIL
 
Malwarebytes labs 2019 - state of malware report 2
Malwarebytes labs 2019 - state of malware report 2Malwarebytes labs 2019 - state of malware report 2
Malwarebytes labs 2019 - state of malware report 2Felipe Prado
 
Trendlabs 1h-2016-security-roundup-en
Trendlabs 1h-2016-security-roundup-enTrendlabs 1h-2016-security-roundup-en
Trendlabs 1h-2016-security-roundup-enAndrey Apuhtin
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection 13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection Worksighted
 
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19The Quarantine Report: Cybersecurity Impact Assessment for COVID-19
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19Alex Smirnoff
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Reportaccenture
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101Welch LLP
 

Similar to Ransomware 2020 Report (20)

Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rh
 
Cloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-decCloud activ8 state of ransomware report_2021-dec
Cloud activ8 state of ransomware report_2021-dec
 
Estado del ransomware en 2020
Estado del ransomware en 2020Estado del ransomware en 2020
Estado del ransomware en 2020
 
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...
DDOS OCTOBER 2015 NEUSTAR DDOS ATTACKS & PROTECTION REPORT: NORTH AMERICA & E...
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_en
 
CYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdfCYBER-THREAT-LANDSCAPE-2021.pdf
CYBER-THREAT-LANDSCAPE-2021.pdf
 
Detecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2ConfDetecting Frauds and Identifying Security Challenge | by Money2Conf
Detecting Frauds and Identifying Security Challenge | by Money2Conf
 
2016 trustwave global security report
2016 trustwave global security report2016 trustwave global security report
2016 trustwave global security report
 
Ransomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and MitigationRansomware: Attack, Human Impact and Mitigation
Ransomware: Attack, Human Impact and Mitigation
 
True Cost of Ransomware to Your Business
True Cost of Ransomware to Your BusinessTrue Cost of Ransomware to Your Business
True Cost of Ransomware to Your Business
 
Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise Protecting the brand—cyber-attacks and the reputation of the enterprise
Protecting the brand—cyber-attacks and the reputation of the enterprise
 
2019 Hiscox Cyber Readiness Report
2019 Hiscox Cyber Readiness Report2019 Hiscox Cyber Readiness Report
2019 Hiscox Cyber Readiness Report
 
Topsec email security 2016
Topsec email security 2016Topsec email security 2016
Topsec email security 2016
 
Malwarebytes labs 2019 - state of malware report 2
Malwarebytes labs 2019 - state of malware report 2Malwarebytes labs 2019 - state of malware report 2
Malwarebytes labs 2019 - state of malware report 2
 
Trendlabs 1h-2016-security-roundup-en
Trendlabs 1h-2016-security-roundup-enTrendlabs 1h-2016-security-roundup-en
Trendlabs 1h-2016-security-roundup-en
 
13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection 13 Ransomware Statistics That Will Make You Rethink Data Protection
13 Ransomware Statistics That Will Make You Rethink Data Protection
 
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19The Quarantine Report: Cybersecurity Impact Assessment for COVID-19
The Quarantine Report: Cybersecurity Impact Assessment for COVID-19
 
Cost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 ReportCost of Cybercrime Study in Financial Services: 2019 Report
Cost of Cybercrime Study in Financial Services: 2019 Report
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101
 

Recently uploaded

Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageMatteo Carbone
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1kcpayne
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noidadlhescort
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptP&CO
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting
 

Recently uploaded (20)

Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
VVVIP Call Girls In Greater Kailash ➡️ Delhi ➡️ 9999965857 🚀 No Advance 24HRS...
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service NoidaCall Girls In Noida 959961⊹3876 Independent Escort Service Noida
Call Girls In Noida 959961⊹3876 Independent Escort Service Noida
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Falcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investorsFalcon Invoice Discounting: The best investment platform in india for investors
Falcon Invoice Discounting: The best investment platform in india for investors
 

Ransomware 2020 Report

  • 1.
  • 2. ii Datto’s Global State of the Channel Ransomware Report Introduction Key Findings COVID-19 and Security A Variety of Malware Targeting SMBs Ransomware Still a Major Challenge for MSPs Ransomware Awareness Ransomware Continues to Skirt Cybersecurity Efforts SMBs Keep Taking The Bait The Aftermath of Attacks Downtime Far More Costly Than Ransom Still Locking (After All These Years) Industries Most Susceptible to Ransomware 1 2 3 4 5 7 8 9 10 11 12 13 Table of Contents Hackers Aren’t Only Targeting SMBs… Almost Half Of MSPs Partner With MSSPs Windows Endpoint Systems Applications Most Targeted by Hackers Ransomware Creeps Into SaaS Apps Most Common Ransomware Recovery Methods BCDR Clients Are Less Likely to Experience Significant Downtime Final Takeaways 14 15 16 17 18 20 22
  • 3. 1 Datto’s Global State of the Channel Ransomware Report Introduction Datto’s Annual Global State of the Channel Ransomware Report comprises statistics pulled from a survey of more than 1,000 managed service providers (MSPs) around the world. The report provides unique visibility into the state of ransomware from the perspective of the IT channel and their small and medium business (SMB) clients who are dealing with these infections on a daily basis. The report provides a wealth of detail on ransomware, including year-over-year trends, frequency, targets, impact, and recommendations for ensuring recovery and continuity in the face of this growing threat. With respect to the current climate, the report also covers the impact that COVID-19 and the increase in remote work and cloud computing has had on ransomware trends. The goal of this report is to help shed light on the current cybersecurity landscape businesses are facing. At Datto, we believe there is no limit to what small and medium businesses can achieve with the right technology. We hope the information compiled here educates your team and encourages you to work with an MSP to mitigate the risk ransomware poses on your organization.
  • 4. Key Findings Ransomware is still the number one malware threat. Nearly 70% of MSPs report ransomware as the most common malware threat to SMBs. COVID-19 has had an impact on security — but not as much as you might think. MSPs were split on the security impact of the global pandemic. The ransomware disconnect between MSPs and SMBs remains. 84% of MSPs are ‘very concerned’ about ransomware, but only 30% report that their clients feel the same. SMBs aren’t the only businesses being targeted. 95% of MSPs agree that their own businesses are increasingly being targeted with attacks. Phishing emails top the successful attack vector list. Lack of cybersecurity education, weak passwords, and poor user practices are among the other top causes of ransomware. The aftermath of an attack is nothing nice. 62% of MSPs said clients’ productivity was impacted due to attacks, and 39% said their clients experienced business-threatening downtime. The average ransom requested by hackers stayed roughly the same year-over-year. MSPs report the average requested ransom for SMBs is $5,600 per incident, compared to $5,900 last year. MSPs report that the average cost of downtime is 94% greater than it was in 2019. Downtime costs are nearly 50X greater than the ransom requested in 2020. 91% of MSPs report that clients with BCDR solutions in place are less likely to experience significant downtime during a ransomware attack. 92% of MSPs predict ransomware attacks will continue at current, or worse, rates. 1 6 2 7 3 8 4 9 5 10 2 Datto’s Global State of the Channel Ransomware Report
  • 5. 3 Datto’s Global State of the Channel Ransomware Report COVID-19 and Security Many MSPs reported that the number of ransomware attacks and security vulnerabilities increased during COVID-19 due to an increase in remote work and cloud computing. However, it is worth pointing out that it wasn’t an overwhelming increase—more of an even split between those who saw an increase and those who did not. North American MSPs are somewhat more concerned about cloud security than their European and Asia Pacific counterparts. North America Europe Asia Pacific Increased risk can be attributed to user carelessness and security vulnerabilities associated with BYOD, according to respondents. “The risk comes from users lowering their guard as there are so many other things that have changed—health risks, working from home, etc,” said one MSP. of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks. of MSPs reported that shifting client workloads to the cloud came with increased security vulnerabilities. 59% 52% 55% 42% 47% “[Personal devices] have been introduced to corporate/business environments despite objections re: security policies/endpoint protection, etc. Additionally, there are significant additional remote work security threats, from device theft to family members using corporate machines for personal work/study,” said another. MSPs report healthcare as the most vulnerable industry during the pandemic (59%), followed by finance/insurance (50%), and government (45%). A Mixed Bag GEO T RE N DS
  • 6. Datto’s Global State of the Channel Ransomware Report A Variety of Malware Targeting SMBs In the last two years, MSPs report the following types of malware have affected clients: Among the malware threats impacting SMBs, ransomware is still at the top of the heap. However, it’s far from the only threat on their plate. Viruses, adware, spyware, and remote access trojans rounded out the top five. Cryptojacking, hot last year, cooled considerably, dropping 15 percentage points. This tracks with mainstream reports that cryptojacking is in decline as hackers have grown impatient with slow returns on coin mining. *Survey respondents were able to select multiple answer choices. 4 Exploit kits 11% Spyware 44% Viruses 56% Ransomware 68% Adware 53% Worms 15% Rootkits 13% Cryptojacking 16% Keyloggers 11% Remote access trojans 19%
  • 7. Ransomware Still a Major Challenge for MSPs Ransomware continues to plague MSPs and the SMBs they serve. However, respondents reported a slight decline in the frequency of attacks. 78% of MSPs reported attacks on their clients in the past two years, down from 85% last year. That being said, ransomware is still a very real threat with 60% of MSPs seeing attacks in the first half of 2020. It is worth noting that the general disruption of COVID-19 and resulting economic downturn may have impacted the frequency of attacks on the SMBs that MSPs serve. This is purely speculative, and outside of the research conducted for this report. However, it will be interesting to see whether MSPs report an uptick in ransomware attacks as the global economy continues to recover. European MSPs report that their clients suffered more attacks than any other region. MSPs believe that will be the case. Nearly all respondents said they expect ransomware attacks will rise in the upcoming year. of MSPs report attacks against SMBs in the last two years of MSPs report attacks against SMBs in 2020 alone of MSPs predict attacks will increase in the next year of MSPs report that clients suffered multiple attacks in a single day 78% 60% 92% 11% North America Europe Asia Pacific GEO T RE N DS 79% 77% 85% 5 Datto’s Global State of the Channel Ransomware Report
  • 8. Ransomware is not going away, but attackers may have shifted their focus temporarily to other revenue streams during COVID-19. If you think of ransomware like a ‘business’ that needs to respond to changing market conditions, it makes sense for those attackers to focus on more stable sources of revenue, like larger enterprises, during an economic downturn. Enterprises both represent a larger ‘return on investment’ to hackers and are more resilient to fluctuations in the economy. Ransomware is a numbers game, and larger companies simply represent a better target in tough economic times. Ryan Weeks Chief Information Security Officer, Datto, Inc. 6 Datto’s Global State of the Channel Ransomware Report
  • 9. 7 Datto’s Global State of the Channel Ransomware Report Ransomware Awareness SMB Security Budgets on the Rise There is still a disconnect between SMBs and MSPs when it comes to perceptions about ransomware. The majority of MSPs believe businesses should be “very concerned” about the threat of ransomware, but only 30% report their clients feel this way. However, it appears that SMBs are beginning to understand how damaging ransomware attacks can be. 32% of MSPs report clients are “moderately concerned” and 34% say clients are “somewhat concerned”. In addition to the growing awareness above, increased IT security spending shows that SMBs are beginning to take ransomware, and security in general, seriously. The slight decline in ransomware attacks this year might also indicate that these security efforts are having a positive impact. Compared to their North American and Asia Pacific counterparts, fewer European MSPs said their clients feel “very concerned” about ransomware attacks. North America Europe Asia Pacific of MSPs report SMBs are “very concerned” about ransomware of MSPs report SMBs should be “very concerned” about ransomware of MSPs said their clients increased budget for IT security in 2020. 30% 50% 84% SMBs vs. MSPs 31% 19% 33% GEO TREN DS
  • 10. Ransomware Continues to Skirt Cybersecurity Efforts Despite increased security spending, MSPs report that ransomware averted cybersecurity efforts including employee education, antivirus, email filtering, pop-up blockers, and endpoint detection solutions. Of them, 50% said ransomware averted antivirus/anti-malware solutions. When asked about which antivirus/anti-malware solutions specifically, MSPs said: Ransomware is able to get around these solutions because the cybercriminals frequently modify their malware to avoid detection. What’s worse, the social engineering tactics criminals use to dupe victims have become very sophisticated and hard to detect—even with security education (more on that below). That’s why a multilayered approach to ransomware that includes business continuity is so important. Security software and training are essential to prevent attacks before they happen. Business continuity enables organizations to resume normal operations quickly if security measures fail. Anti-malware filtering (email-, network-, and web-based) Legacy signature-based antivirus Endpoint detection and response NextGen anti-virus 59% 42% 24% 12% 8 Datto’s Global State of the Channel Ransomware Report
  • 11. Datto’s Global State of the Channel Ransomware Report SMBs Keep Taking the Bait As noted above, end user education is an essential piece of an effective ransomware protection strategy. This year’s survey results bear that out: phishing, poor user practices, and lack of end user cybersecurity training were the three most common causes of successful ransomware breaches. So, it is important to note that security training must go beyond just how to identify phishing attacks. While phishing topped the list, weak passwords, open RDP access, and a host of other user errors were also to blame for breaches. Leading causes of ransomware attacks reported by MSPs: *Survey respondents were asked to select three answer choices. Phishing emails Poor user practices/gullibility Lack of cybersecurity training Weak passwords/access management Open RDP access Clickbait Malicious websites Lost/stolen user credentials Lack of funding for IT security solutions Lack of executive buy-in for adopting security solutions 54% 27% 26% 21% 20% 17% 14% 10% 8% 8% 9 60
  • 12. Datto’s Global State of the Channel Ransomware Report The Aftermath of Attacks Ransomware attacks can result in considerable business downtime, because breaches are rarely limited to a single computer. Most of the ransomware in use today is designed to crawl business networks, looking for additional machines to infect. If the malware goes undetected, it doesn’t take long for numerous user devices, servers, and even data in SaaS applications to become encrypted. Restores can be time consuming, especially using traditional backup tools. So, it makes sense that loss of business productivity and business-threatening downtime were at the top of the list of ransomware results. It also explains why nearly 20% of MSPs reported that SMBs were forced to pay a ransom in order to return to normal business. All of this highlights the need for a business continuity solution that enables SMBs to return to work fast. *Survey respondents were asked to select three answer choices. Consequences resulting from ransomware attacks reported by MSPs: 10 Loss of business productivity Stolen data Business-threatening downtime Hackers threatened to publicize data if ransom went unpaid Lost data and/or device Ransomware remained on system, struck again! Decreased customer profitability Failure to meet SLA requirements Clients paid ransom and recovered data Failure to achieve regulatory compliance Damaged reputation Paid a ransom but data was never released 24% 28% 39% 62% 6% 6% 10% 13% 19% 4% 17% 4% 70 70
  • 13. Downtime Far More Costly than Ransom When it comes to ransomware attacks, MSPs report the cost of downtime is nearly 50X greater than the ransom requested. *All survey respondents answered in U.S. dollars. Average Ransom in... Average Cost of Downtime in... 2018 $4,300 2019 $5,900 2020 $5,600 MSPs report the average cost of ransom stayed roughly the same in 2020 as it was in 2019. So while there has been a slight decline in the frequency of attacks, hackers are still demanding a high ransom payment. We saw a big uptick in average ransom from 2018 to 2019, when the demands increased by 37%. MSPs reported that the average downtime cost per incident has increased by 94% from 2019 and a staggering 486% from 2018. So, what does this mean exactly? Well, on face value it means that downtime costs are higher than reported two years ago, obviously. This may mean that downtime costs have increased, or it could mean that MSPs are getting better at calculating the real costs of downtime. Either way, it’s clear that MSPs understand that the damage associated with business downtime is far more costly than the actual ransom. Downtime costs vary widely among businesses and these numbers are based on MSP estimates. To calculate the cost of potential downtime for your business, check out our Recovery Time and Downtime Cost Calculator. 11 Datto’s Global State of the Channel Ransomware Report Region North America $6,200 $308,900 Europe $3,500 $185,800 Asia Pacific $4,400 $257,000 Ransom Downtime GEO TRE N DS 2018 $46,800 2019 $141,000 2020 $274,200 2020: Ransom vs. Downtime Costs
  • 14. Datto’s Global State of the Channel Ransomware Report For the 5th consecutive year in a row, MSPs reported CryptoLocker as the top ransomware variant impacting their clients (52%). WannaCry was next on the list at 26%, followed by Cryptowall (16%) and Locky (13%). Interestingly, 33% of respondents said they weren’t sure what kind of ransomware they dealt with. This is important to note for two reasons. First, the type of ransomware ultimately doesn’t really matter—every type can result in business downtime. Second, the methods MSPs use to combat ransomware and recover following attacks are the same regardless of the strain. *Survey respondents were able to select multiple answer choices. 0 10 20 30 40 50 60 Still Locking (After All These Years) 12 CryptoLocker 52% WannaCry 26% Cryptowall 16% Locky 13% Emotet 10% Petya 7% CryptXXX 7% TeslaCrypt 6% notPetya 5% TorrentLocker 4% CBT Locker 3% CoinVault 3% CrySis 3% Wallet 2% Osiris 2% Not sure what type 33%
  • 15. Datto’s Global State of the Channel Ransomware Report Industries Most Susceptible to Ransomware This year we asked MSPs what industries were most susceptible to ransomware attacks due to COVID-19. Perhaps not surprisingly, healthcare was in the top spot. 59% of MSPs said they believed healthcare to be the most vulnerable. Hackers are well known for staging attacks against victims that are already compromised in some way. So, it makes sense that cyber criminals would go after healthcare organizations during a global pandemic. Finance/insurance was in the second slot (50%) and Government in third (45%). These verticals were also seriously impacted by the pandemic for obvious reasons. Outside of the top three, the rest of the list looks fairly similar to previous years’ results. *Survey respondents were able to select multiple answer choices. 13 0 10 20 30 40 50 60 70 Construction/ Manufacturing 59% Professional Services 50% Finance/Insurance 45% 41% Legal 36% Non-Profit 35% Retail 35% Real Estate Other 29% Travel/ Transportation 29% Architecture/Design 27% Consumer Products 25% Government 23% Education 22% Media/ Entertainment 22% Energy/ Utilities 22% Telecom High Technology 18% 17% 7% Industries most susceptible to ransomware due to COVID-19: Healthcare
  • 16. Hackers Aren’t Only Targeting SMBs… 2FA and SSO Use 95% of respondents agreed that MSPs are being increasingly targeted by ransomware attacks. This is likely due to a number of high profile attacks on SMBs in recent memory. In attacks like these, hackers use MSP credentials to access and spread ransomware to their clients. In other words, by compromising an MSP, cybercriminals get more bang for their buck. MSPs are taking the threat seriously. More than half are now using password management and multi-factor authentication tools, as you will see below. 44% reported that they are using an identity provider for Single Sign-on (SSO). Microsoft Azure Active Directory was by far the top choice of SSO identity providers among respondents. 47% of MSPs said they use Azure AD for SSO. Of that 44%, nearly 70% use the same provider for two-factor authentication (2FA). 14 Datto’s Global State of the Channel Ransomware Report
  • 17. Datto’s Global State of the Channel Ransomware Report Almost Half of MSPs Partner with MSSPs 46% of MSPs now partner with managed security service providers (MSSPs) for assistance with IT security—for their clients and their own businesses. In fact, the number one reason MSPs reported doing so was to improve their own security preparedness— another sign that MSPs are taking the possibility of attacks on their own businesses seriously. Ultimately, partnering with an MSSP boils down to accessing expert guidance. IT security is a broad, complex discipline which requires specialization to develop expertise. MSSPs have it, and MSPs need it. *Survey respondents were able to select multiple answer choices. To boost cybersecurity/ ransomware preparedness at my MSP To better understand available and effective security technologies To reduce cyber risk to my business For cybersecurity solution sales To educate my staff through experience and exposure A pathway to transforming my MSP to an MSSP To share cyber risk with another organization Other 15 0 20 10 30 40 50 60 54% 10% 22% 23% 35% 45% 45% 47% 46% of MSPs now partner with MSSPs for assistance with IT security MSPs that partner with MSSPs cited the following reasons:
  • 18. Datto’s Global State of the Channel Ransomware Report Windows Endpoint Systems Applications Most Targeted by Hackers 91% of ransomware attacks targeted Windows PCs this year, according to MSPs. This tracks with phishing emails being the number one attack vector and the sheer number of Windows PCs in use today. It also highlights the need for endpoint protection and backup solutions. Ransomware attacks on these systems have a significant impact on user productivity, and in turn, a business’ ability to generate revenue. Solutions that allow employees to return to work quickly following attacks should be considered essential. Windows Servers followed at 76%. That’s because ransomware may enter a network via a phishing email, but as noted above, it doesn’t take long before the malware spreads across networks to infect other systems. A business continuity solution that can recover server workloads locally or in the cloud is critical to minimize business interruption following a ransomware attack. *Survey respondents were able to select multiple answer choices. Windows PCs Windows Tablet Android Windows Server Apple MacOS Apple iOS Endpoint systems most targeted by ransomware attacks: 91% 8% 6% 76% 7% 4% 16
  • 19. Ransomware Creeps Into SaaS Apps Nearly 1 in 4 MSPs reported ransomware attacks on clients’ SaaS applications. Of them, Microsoft was hit the hardest. This isn’t particularly surprising, since so many organizations rely on Microsoft 365. It was somewhat surprising, however, to see that more than half saw ransomware in Dropbox. Google Workspace rounded out the top three at 25%. *Survey respondents were able to select multiple answer choices. of MSPs report attacks within Microsoft 365 of MSPs report attacks within Dropbox of MSPs report attacks within Google Workspace 64% 25% 54% 17 Datto’s Global State of the Channel Ransomware Report
  • 20. 18 Datto’s Global State of the Channel Ransomware Report Most Common Ransomware Recovery Methods Re-imaging a machine from a backup was the number one ransomware recovery method this year. This is a significant change from last year, when re-imaging from default took the top spot. This year that was in the third spot tied with virtualizing the system from a backup image. *Survey respondents were able to select multiple answer choices. Restore a machine from a backup Restore from files Re-image from default Virtualize the system from a backup image Run software to cleanup threat Paid ransom 76% 36% 27% 33% 15% 31%
  • 21. I’m pleased to see that ‘re-imaging from backup’ was the top method MSPs are using to recover from ransomware attacks. This shows MSPs have matured their recovery methods. Two years ago, MSPs were still dealing with the shock of ransomware, scrambling to put something in place for recovery and largely re-imaging machines from scratch. Last year, they were in the process of changing how they do things, putting the right solutions in place with their customers to minimize downtime and data loss. Now, we are starting to see results of those efforts manifest in more mature recovery mechanisms. Ryan Weeks Chief Information Security Officer, Datto, Inc. 19 Datto’s Global State of the Channel Ransomware Report
  • 22. Datto’s Global State of the Channel Ransomware Report BCDR Clients Are Less Likely To Experience Significant Downtime Most Effective Solutions to Combat Ransomware Business continuity and disaster recovery (BCDR) Employee training Patch management Unified threat management Antivirus / Anti-malware software Email / Spam filters Browser isolation Endpoint detection and response platform Identity access management solution Endpoint / Mobile management platform 20 of MSPs said clients with BCDR products in place are less likely to experience significant downtime from ransomware. 91%
  • 23. 21 Datto’s Global State of the Channel Ransomware Report We require Datto SIRIS as a minimum for all our clients as one of the security/continuity layers we put in place. To me, it’s just as important as cybersecurity insurance. When talking to prospects about BCDR, we discuss ransomware detection and remediation in addition to sharing stories about how quickly we have gotten clients running on local failover. Recently, a local police station we support experienced server failure, and we were able to get them back up and running in just minutes with Datto SIRIS. Brian J. Weiss CEO, ITECH Solutions 21 Datto’s Global State of the Channel Ransomware Report
  • 24. Final Takeaways Ransomware awareness seems to be increasing. Across the board, there were indicators that MSPs and SMBs are taking steps to combat ransomware attacks. And, their efforts are having an impact. While still the most common type of malware attack, ransomware attacks declined slightly from last year. Increased SMB security spending, MSPs partnering with MSSPs, and use of security measures like SSO and 2FA all point to an increase in security awareness. SMBs need multiple solutions to combat attacks. Today’s standard security solutions alone are no match for today’s ransomware, which can penetrate organizations through phishing attacks and avert detection from security solutions. Reducing the risk of infections requires a multi-layered approach rather than a single product. SMBs must prepare the front line of defense: their employees. Today’s companies must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid potential attacks. While attacks declined slightly this year, phishing attacks remained the most successful attack vector, followed by a number of other employee errors that could be mitigated with better security training. SMBs need a continuity strategy. Once again, survey data shows that there is no surefire way of preventing ransomware attacks, even with proper security solutions in place. That’s why business continuity was ranked the number one solution to combat attacks again this year. Since ransomware is designed to spread across networks and SaaS applications, endpoint and SaaS backup solutions designed for fast restores are critical. 1 3 2 4 22 Datto’s Global State of the Channel Ransomware Report
  • 25. Datto’s Global State of the Channel Ransomware Report Datto.com About the Report Datto’s Global State of the Channel Ransomware Report is comprised of statistics pulled from an online survey of 1,000+ Datto partners that was distributed throughout the month of August 2020. About Datto As the world’s leading provider of cloud-based software and technology solutions purpose-built for delivery by managed service providers (MSPs), Datto believes there is no limit to what small and medium businesses can achieve with the right technology. Datto offers Unified Continuity, Networking, and Business Management solutions and has created a unique ecosystem of MSP partners. These partners provide Datto solutions to over one million businesses across the globe. Since its founding in 2007, Datto continues to win awards each year for its rapid growth, product excellence, superior technical support, and for fostering an outstanding workplace. With headquarters in Norwalk, Connecticut, Datto has global offices in the United Kingdom, Netherlands, Denmark, Germany, Canada, Australia, China, and Singapore. Copyright © 2020 Datto Inc. All rights reserved. For more information: Phone: 916-235-4200 Email: sales@fortistelecom.net https://fortistelecom.net