Global State of the Channel Ransomware Report

Introduction – Global State of the Channel Ransomware Report

Datto’s Annual Global State of the Channel Ransomware Report comprises statistics pulled from a survey of more than 1,000 managed service providers (MSPs) around the world. The report provides unique visibility into the state of ransomware from the perspective of the IT channel and their small and medium business (SMB) clients who are dealing with these infections on a daily basis. The report provides a wealth of detail on ransomware, including year-over-year trends, frequency, targets, impact, and recommendations for ensuring recovery and continuity in the face of this growing threat.

With respect to the current climate, the report also covers the impact that COVID-19 and the increase in remote work and cloud computing has had on ransomware trends.

The goal of this report is to help shed light on the current cyber security landscape businesses are facing. At Datto, we believe there is no limit to what small and medium businesses can achieve with the right technology. We hope that the information compiled here enables MSPs to educate their clients and work with them to mitigate the risk ransomware poses on businesses.

Key Findings

1. Ransomware is still the number one malware threat. Nearly 70% of MSPs report ransomware as the most common malware threat to SMBs.
2. COVID-19 has had an impact on security—but not as much as you might think. MSPs were split on the security impact of the global pandemic.
3. The ransomware disconnect between MSPs and SMBs remains. 84% of MSPs are ‘very concerned’ about ransomware, but only 30% report that their clients feel the same.
4. SMBs aren’t the only businesses being targeted. 95% of MSPs agree that their own businesses are increasingly being targeted with attacks.
5. Phishing emails top the successful attack vector list. Lack of cyber security education, weak passwords, and poor user practices are among the other top causes of ransomware.
6. The aftermath of an attack is nothing nice. 62% of MSPs said clients’ productivity was impacted due to attacks, and 39% said their clients experienced business-threatening downtime.
7. The average ransom requested by hackers stayed roughly the same year-over-year. MSPs report the average requested ransom for SMBs is $5,600 per incident, compared to $5,900 last year.
8. MSPs report that the average cost of downtime is 94% greater than it was in 2019. Downtime costs are nearly 50X greater than the ransom requested in 2020.
9. 91% of MSPs report that clients with BCDR solutions in place are less likely to experience significant downtime during a ransomware attack.
10. 92% of MSPs predict ransomware attacks will continue at current, or worse, rates.