Subnet Blog

Is there a dangerous disconnect between SMB's and how they see risk?

Posted by Brett Lodge on 15 July 2019 at 12:17:45 ACST

Reading through the latest ransomware report provided by Datto and collated from 200+ Managed Services Providers across Australia and New Zealand, I grew concerned about how Australian Small-Medium Businesses may be thinking about the growing threat landscape.

Of note in the report, Datto found that nearly 90% of MSPs were 'Highly Concerned' about the ransomware threat while in comparison, only 44% report their SMB clients felt the same. This highlights a real risk in some SMB's underestimation of outages, data loss and threats to their businesses.

When factoring in the aftermath of an attack, the above stats become more serious,

69% of MSPs reported that their client had business productivity loss,
Nearly 60% of MSPs said the client's downtime threatened the continuation of their business.

If these figures are correct, over half of the clients impacted by ransomware almost went under, while only just over one-third thought ransomware was a significant issue. This shows a potentially disastrous disconnect between the industry and the end user, which is a real concern.

In a ConnectWise Service Provider conference held in Queensland in March this year, results from a Webroot Cloud Antivirus survey found that within SMB's, the top Ransomware attack vectors were:

1.7% from Social Engineering,
13.8% from Phishing attacks, 
84.5% were from Remote Desktop Protocol exploits.

Therefore unpatched servers were the primary cause of malicious code being on the network - which is easily preventable through simple maintenance.

More-so, 75% of organisations paid the ransomware when their backups were compromised in the attack. Unfortunately, at Subnet, we still find this affects many SMB customers; utilising USB hard drive technology to back up the server environment means these backups are compromised by the same ransomware event.

With the average ransom amount paid in Q4 2018 levelling up to $6,733 per incident, it doesn't take many of these events to understand the 60% chance of losing an SMB business in an attack.

To find out more statistics that show how you might be impacted, download and read through the recent Datto Ransomware report or reach out to your account manager to discuss how Datto backup and recovery might be able to reduce your business risk today. 

Topics: Security, Managing Director, ransomware