A recent report* found an increase in ransomware attacks in AU/NZ has led to millions in downtime-related costs and ransomware payments.
Across Australia and New Zealand, a growing number of small-to medium-sized businesses (SMBs) fell victim to ransomware in 2016-2017. The total amount of ransom paid from these attacks was over $12M. Ninety-two percent of the managed service providers (MSPs) surveyed reported their clients had recently been victimised by ransomware.
The report suggested that less than 21% of ransomware attacks were reported by victims to the authorities. Additionally, 45% of SMBs paid the ransom. Of those that paid, 14% never recovered their data. The ransom is not what hurt organisations most the study found. The downtime and data loss cut the deepest. Almost 80% of MSPs reported clients experienced business-threatening downtime resulting from a ransomware attack. I have heard twice recently, from credible sources, that 60% of businesses that experience a breach go out of business within 6 months. That is an alarming statistic and I will try and find the original source for that as soon as I can.
The report shows that no industry, operating system, cloud or device was safe from attacks. Of special note was the finding that Dropbox, Office 365 and G Suite were most at risk while mobile and tablet attacks were also on the rise (many of us mistakenly assume that our phones and tables are immune).
Over 90% of those attacked had virus protection, while more than 70% had email/spam filters and had fully patched and updated applications. These technical “solutions” were obviously not enough protection.
Alarmingly, 15% reported the ransomware remained on the client’s system and reinfected after the first attack and 48% reported the ransomware encrypted the client’s back-ups as well.
The report found that 45% of businesses paid the ransom (a total of over $12m paid by Australian SMEs, typically between $500 and $2k requested) and 14% still never recovered their data. The only protections were (1) backup and disaster recovery systems and procedures (e.g., multiple physical backups not connected to the Net or the Cloud) and (2) a cyber-safe culture (including regular cyber security education and training).
Of course, this is what Cultural Cyber Security is all about … so if you want to be prepared for the inevitable, contact me now - James Carlopio 0488 028 054 or use the Contact link to email me and we can discuss how CCS can help!
-----------------------------------------------------------------------------------------------------------------
* Datto’s 2018 Global State of the Channel Ransomware Report is comprised of statistics from an annual survey of 100 managed services providers in Australia and New Zealand.