Ransomware Downtime Costs Doubled Since 2019, MSPs Report

  • Remote work and cloud computing contribute to increase in ransomware attacks
  • Healthcare industry most vulnerable during pandemic
  • 54% of MSPs say phishing is the most successful ransomware attack vector
  • One in four MSPs reported ransomware attacks on clients’ SaaS applications

Ransomware remains the most common cyber threat to small and medium-sized businesses (SMBs), with 60% of managed service providers (MSPs) reporting that their SMB clients have been hit as of Q3 2020.

The impact of ransomware attacks keeps growing, according to a study by Dattom. MSPs report that the average cost of downtime due to ransomware this year is 94% greater than in 2019, and nearly six times higher than it was in 2018, increasing from $46,800 to $274,200 over the past two years.

Phishing, poor user practices, and lack of end user security training are the main culprits.

95% of MSPs find themselves at higher risk than ever, likely due to the increasing sophistication and complexity of ransomware attacks. 46% now partner with specialized managed security service providers for IT security assistance to protect both their clients and their own businesses.

SMBs, for their part, are spending more on security. 50% of MSPs say their clients have increased their budgets for IT security in 2020.

In a worrying finding, the average cost of downtime continues to dwarf the actual ransom amount demanded by the attackers. Downtime costs related to ransomware are on average nearly 50 times greater than the ransom requested, participants in the survey said.

The move to remote working and the accelerated adoption of cloud applications have increased security risks for businesses, the research found. 59% of MSPs said remote work due to COVID-19 resulted in increased ransomware attacks, and 52% of MSPs reported that shifting client workloads to the cloud increased security vulnerabilities.

“As a result, SMBs need to take precautions to avoid the costly disruptions that occur in the aftermath of an attack,” the researchers said,

The healthcare industry is the most vulnerable during the pandemic, 59% of respondents said. XLCON, an MSP serving mostly small clinics, supports these findings, Travis Lass, President of XLCON, says in-house IT is virtually non-existent at small clinics.

“As ransomware attacks continue to increase, it’s critical we do everything we can to support them by arming them with best-in-class technology that will fend off malicious attackers looking to take advantage of the already fragile state of the healthcare industry,” Lass said.

54% of MSPs say phishing is the most successful ransomware attack vector, and nearly one in four reported ransomware attacks on clients’ SaaS applications, with Microsoft being hit the hardest, at 64%.

“These attacks mean that SMBs must consider the vulnerability of their cloud applications when planning their IT security measures and budgets,” the researchers said.

Windows endpoint systems applications are the most targeted by hackers, with 91% of ransomware attacks targeting Windows PCs this year.