If not familiar, Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. A computer can become infected with Ransomware in a number of ways; thorough an email, an infected link, or even an infected ad on a webpage.
Ransomware has been around for a long time, and has recently exploded due to the increasing popularity of Cryptocurrency, such as Bitcoin. Many are probably familiar with Ransomware variants such as Cryptolocker, TeslaCrype, or WannaCry.
Although it does not gain as much media attention, Ransomware is still alive and kicking. In fact, the number of Ransomware attack reports has increased from 2016 to 2018. Datto, a leading provider of MSP-deliver IT solutions, publishes an annual ‘State of Ransomware’ Report discussing the trends that IT providers are experiencing in relation to Ransomware.
The key take always:
- Ransomware attacks continue to climb. From Q2 2016 – Q2 2018, 79 percent of Managed Service Providers (MSPs) report ransomware attacks against customers. In the first six months of 2018 alone, 55 percent report ransomware attacks against clients. 92 percent of MSPs predict the number of ransomware attacks will continue at current rates or even potentially worse.
- In the first half of 2018, an alarming 35 percent of MSPs report clients suffered multiple attacks in a single day (up from 26 percent, year-over-year).
- On average, MSPs report over five attacks against clients per year. However, only about 24 percent of those attacks are reported to authorities, meaning the problem is much larger than we actually know.
- MSPs rank phishing emails as the top ransomware delivery method followed by malicious websites, web ads, and clickbait.
- The cost of downtime is 10 times higher than the ransom demanded per incident. MSPs report the average requested ransom for SMBs is ~$4,300 while the average cost of downtime related to a ransomware attack is ~$46,800
For more statistics and best practices, check out the full report: Datto’s Global State of the Channel Ransomware Report.
In summary, Ransomware is still a threat. Necessary precautions should be taken in order to help reduce your organization’s attack surface. Such items should include an antivirus solution, a Unified Threat Management (UTM) hardware firewall, DNS based malware protection, and end-user training. Ransomware will never be eliminated, but with the proper precautions and training, the probability of an infection can significantly be reduced.