Downtime related to such attacks is increasing by 300% in Europe, year-on-year, higher than the global average of 200%
However, the associated system downtime from ransomware is hitting small organisations even harder – costing European businesses around £107,956 on average, an eye-watering 53 times more than the average ransom requested in 2019, and higher than the global average of 23 times. 54% of MSPs report that their clients suffered a loss of business productivity after a ransomware attack, followed by 34% suffering business-threatening downtime, alongside citing lost data and/or devices and decreasing client profitability (both 33%), and infections spreading to other devices on the network (32%).
Professional services industry most affected by ransomware
47% of MSPs reported that the professional services industry is the most affected by ransomware attacks, followed by construction and manufacturing (35%), retail (25%), non-profit (22%). The telecom and energy / utilities industries appear to be the least affected with only 3% and 1% of MSPs reporting attacks in these industries.
IoT tops the list of future ransomware attacks
Security doesn’t appear to be top of mind during the design of IoT devices and cyber attackers will find ways to exploit this vulnerability. 69% of MSPs predict ransomware will target IoT devices, followed by social media accounts (59%) and utility infrastructures (52%). As ransomware continues to become more sophisticated, 51% believe ransomware will bankrupt entire companies.
MSPs are also targeted by ransomware attacks
Ransomware remains the most prominent malware threat to businesses across Europe (83%). 61% of MSPs reported ransomware attacks against their clients in the first half of 2019, compared to the global average of 56% and 19% of those were multiple attacks in a single day, again higher than the global average of 15%. For the fourth consecutive year, MSPs report CryptoLocker as the top ransomware variant attacking clients (47%) followed by WannaCry (44%). However, the report also revealed that SMEs aren’t the only businesses being targeted by hackers – 3 in 5 MSPs agree that their own businesses are being increasingly targeted by ransomware attacks.
Disconnect between MSPs and SMEs when it comes to ransomware threat
Despite the business-threatening downtime implications of ransomware attacks, the report indicated that there is still a disconnect between MSPs and SMEs when it comes to the ransomware threat. 82% of MSPs are “very concerned” about the ransomware threat but only 8% of those reported that their SME clients feel the same.
Leading causes of ransomware
Phishing (65%), lack of cyber security training (31%), and weak passwords (27%) are the top three causes of successful ransomware attacks.