The Datamax Thinking Blog

Educating, collaborating, and sparking ideas for maximizing the technology that matters.

Ransomware Attack Report: Equipping Front Lines of Defense - Employees

2020 Datto Ransomware Report - Datamax

While attacks declined slightly this year, phishing attacks remained the most successful attack vector, followed by a number of other employee errors that could be mitigated with better security training.

The front line, in military terminology, is the position(s) closest to the area of conflict of an armed force's personnel and equipment. It's a vulnerable position on the battlefield, but also in the office.

Employee cyber security education is an essential piece of any effective ransomware protection strategy. But as SMBs keep taking the phishing bait, their front lines — their own employees — are exposed as a weak link in their defense plan. 

Datto recently released its annual “Global State of the Channel Ransomware Report.” Based on statistics compiled from a survey of more than 1,000 Managed Service Providers, the report provides unique visibility into the state of ransomware from the perspective of the IT channel and MSPs around the world.  

While attacks declined slightly this year, phishing attacks remained the most successful attack vector, followed by a number of other employee errors that could be mitigated with better security training, Datto says in the report.

Attack vectors change and social engineering continues to evolve. Equipping the front line of defense with ongoing, proactive cyber security education is more essential than ever before. 

4 Takeaways from the 2020 Datto Ransomware Report:

1. Ransomware still reigns supreme.

Nearly 70 percent of MSPs report ransomware as the most common malware threat to SMBs.
However, respondents reported a slight decline in the frequency of attacks. 78% of MSPs reported attacks on their clients in the past two years, down from 85% last year. That being said, ransomware is still a very real threat with 60% of MSPs seeing attacks in the first half of 2020.

Additionally, as the global economy continues to recover, 92 percent of MSPs predict that attacks will increase in the next year.

2. Awareness is on the rise.

According to the report, while there’s still a disconnect between SMBs and MSPs when it comes to ransomware readiness, SMBs are beginning to take note of the serious consequences at stake with ransomware.

According to the report, 30 percent of MSPs report SMBs are “very concerned” about ransomware, a number slightly up from the year before. Perhaps more telling? 50 percent of MSPs report their clients increased budget for IT security in 2020.

3. Yet, end user education still suffers.

While IT spend increases, end user education remains a missing piece to the ransomware prevention puzzle. When asked the leading causes of ransomware attacks reported by MSPs, the top three listed were phishing emails, poor uses practices/gullibility and lack of cybersecurity training.

All three of these cases point back to end user education and the necessary training it takes to effectively eliminate businesses from taking the “bait.”

4. The cost of downtime is tremendous. 

The ransom attached to a ransomware attack is costly, but it pales in comparison to the cost of downtime. In fact, MSPs report the cost of downtime is nearly 50X greater than the ransom requested.

The average cost of downtime in 2018 was $46,800, and that number grew to an average of $274,200 in 2020. In other words, MSPs reported that the average downtime cost per incident has increased by 94% from 2019 and a staggering 486% from 2018.

According to the report, “This may mean that downtime costs have increased, or it could mean that MSPs are getting better at calculating the real costs of downtime. Either way, it’s clear that MSPs understand that the damage associated with business downtime is far more costly than the actual ransom.”

Front Line Defense: 4 Strategies for Your End Users:

1. Confirm with colleagues.

If you don't know, ask. Two-factor approval, much in the same vein as two-factor authentication, involves employees across departments training themselves to call a known, internal colleague to confirm that a request for information was in fact sent from that individual.

2. Stay in control of your clicks.

Don't let a link be in control of where you land. Stay in control by finding the website yourself using a search engine to be sure you land where you intend to land. Hovering over links in email will show the actual URL at the bottom, but a good fake can still steer you wrong.

3. Beware of any download.

If you don’t know the sender personally AND expect a file from them, downloading anything is a mistake.

4. Slow down.

If nothing else, take a step back before taking action. Scammers want you to act first and think later. If the message conveys a sense of urgency or uses high-pressure sales tactics be skeptical; never let their urgency influence your careful review.

In essence, the story remains unchanged when it comes to ransomware. Top-to-bottom business awareness, multi-layered security protection, proper business continuity planning, and certainly end user education, continue to be a much needed defense strategy against ransomware. 

Interested in reading further? Click below to download the full report!

Get the Full Ransomware Report ›


Topics: Network Management Network Security Ransomware