Eighty-six percent Small to Medium Business (SMB) clients were recently victimized by ransomware and 21 percent report six or more SMB attacks in the first half of 2017 alone, according to Datto’s State of the Channel Ransomware Report

Key findings from the ransomware report include:

  • An estimated five percent of global SMBs fell victim to a ransomware attack from 2016 to 2017. According to 97 percent of managed service providers (MSPs), ransomware attacks are more frequent in 2017.
  • According to 99 percent of MSPs, the frequency of SMB targeted attacks will continue to increase over the next two years.
  • Less than one in three ransomware attacks are reported by SMB victims to the authorities, a marked improvement from one in four incidents reported in 2016. Additionally, 35 percent report SMBs paid the ransom, down from 41 percent in 2016. The total cost of ransom paid to ransomware hackers in 2017 is $301M. Of those victims that pay up, 15 percent still never recover the data.
  •  As a result of a ransomware attack, 75 percent of MSPs report clients experienced business-threatening downtime. Nearly 30 percent of MSPs report a ransomware virus remained on an SMB’s system after the first attack and struck again at a later time. One in three MSPs report ransomware encrypted an SMB’s backup, making recovery even more complex. 
  • Nearly 85 percent of MSPs who’ve dealt with ransomware report seeing CryptoLocker. Additional common variants include CryptoWall, Locky and WannaCry, which is a new addition to the list. 
  • Among those industry verticals who are targeted most by ransomware attacks are Construction, Manufacturing and Professional Services. SaaS applications continue to be a growing target for ransomware attacks with Dropbox, Office 365 and G Suite most at risk. Mobile and tablet attacks are also on the rise.
  • While 90 percent of MSP respondents cited they are “highly concerned” about the business threat of ransomware, only 38 percent of SMB clients felt the same. This could be due to the lack of mandatory cybersecurity training across SMBs, which MSPs cite as the leading cause of ransomware infections.