Many Canadian SMBs are underestimating the threat of ransomware, if a survey by business continuity vendor Datto Inc. of their managed service providers is accurate.
The recent survey of 250 managed service providers (MSPs), partners and customers with Datto solutions found they believe only one-third of small and medium businesses in this country are “highly concerned” about ransomware.
However, 83 per cent of MSPs said their clients were struck by ransomware in the past two years, and 37 per cent said their customers suffered multiple ransomware attacks on the same day. By comparison, 65 per cent of MSPs said their customers were hit by viruses and 56 per cent were struck by spyware.
One-third of respondents said poor user practices or gullibility was responsible for customer cyber security vulnerabilities, while 29 per cent said customers suffered from a lack of end-user awareness training and an equal number suffered from weak passwords or weak access management.
In an interview, Datto CISO Ryan Weeks said answers to some questions, such as the belief that only 33 per cent of customers are highly concerned about ransomware, were estimates by managed service providers of their customers. However, he said MSPs, which include IT solution providers as well as managed security service providers, are a “barometer” of what is going on in customer environments.
The Canadian survey was part of a global survey of Datto’s MSP customers.
Among the more interesting findings, Weeks said, is that on average ransom demands are higher in Canada than in other countries surveyed (an average of US$6,600 per incident here compared to an average US$4,300 elsewhere). It suggests criminals think they can squeeze more money out of companies here, he said.
Meanwhile the average cost of downtime was estimated by MSPs at US$49,500, higher than the average in other countries surveyed.
Another surprise to Weeks is how ineffectual anti-virus solutions appear to be. Eighty-five per cent of respondents said their victim customers had AV software; 69 per cent said victim customers had email filters. “That’s definitely a headscratcher,” Weeks said. He guessed “legacy” AV isn’t catching threats that are better disguised by attackers.
A full ransomware response plan needs prevention, detection, communications, data recovery and post-incident analysis, says the report.