The Aftermath of a Ransomware Attack: Downtime Hurts, BCDR Helps

June 22, 2021

The Aftermath of a Ransomware Attack: Downtime Hurts, BCDR Helps

By Courtney Heinbach

There has been no shortage of ransomware attacks in the news lately with major targets like Bose, Electronic Arts, and Colonial Pipeline Co. The small and medium businesses (SMBs) of the world know all too well that ransomware is about more than just getting your data back–it’s getting systems back up and running to ensure profits face a minimal impact that is the real challenge.

The business impact of downtime

Our fifth annual State of the Channel Ransomware Report spotlighted the growing cost of downtime for SMBs following a ransomware attack. Managed service providers (MSPs) reported downtime costs have risen an astonishing 486% since 2018. The complexity and sophistication of attacks are taking a much bigger toll as recovery is time-consuming, especially when businesses rely on outdated backup tools.

Ransomware attacks can result in considerable business downtime because breaches are rarely limited to a single computer. Most of the ransomware being distributed today is designed to crawl business networks looking for additional machines to infect. If the malware goes undetected, it doesn’t take long for user devices, servers, and even data in SaaS applications to become encrypted.

The business impact of ransomware

Business-threatening downtime was at the top of the list of how ransomware negatively affects clients. Nearly 20% of MSPs reported that SMBs were forced to pay a ransom in order to return to normal business operations. All of this highlights the need for a business continuity solution that enables SMBs to return to work fast.

MSPs reported these top five consequences resulting from ransomware attacks:  

  • 62% - loss of business productivity
  • 39% - business-threatening downtime 
  • 28% - lost data and/or device 
  • 24% - decreased customer profitability
  • 19% - clients paid the ransom and recovered data

 *Survey respondents were able to select multiple answer choices. 

Downtime costs far outweigh initial ransom demand

When it comes to ransomware attacks, MSPs report the cost of downtime is nearly 50 times greater than the ransom requested, with the average ransom coming in at $5,600 and downtime costing, on average, $274,200–an exponential increase from previous reports. 

Based on the regional breakdown of our respondents, North American MSPs face the highest potential downtime costs as a result of ransomware, and European MSPs face the least. 

Downtime costs vary widely among businesses and these numbers are based on MSP estimates. To calculate the cost of potential downtime for your clients, check out our Recovery Time and Downtime Cost Calculator.

How businesses can prepare for ransomware and downtime risk

While there are preventative steps to take against ransomware, no protection is foolproof. With this in mind, it’s important to have a sound recovery strategy to ensure downtime is minimised. 91% of MSPs surveyed reported that their clients with business continuity and disaster recovery (BCDR) solutions in place are less likely to experience significant downtime during a ransomware attack.

BCDR solutions are built specifically for scenarios where systems and business-critical data are unavailable. Once a network or fleet is impacted by ransomware and the files are encrypted by hackers, MSPs spring into action and initiate virtualisation to get their clients’ systems up and running on a separate network completely free from ransomware. This takes just minutes, but without the BCDR tool, it could take days or weeks for businesses to get access to their systems again. Once the SMBs’ systems are virtualised, they can run their business as normal until their original devices and networks are fully restored and free from ransomware. 

Datto SIRIS is fundamentally different than traditional backup and recovery solutions. Utilising a cloud-first approach, MSPs can offer their clients an all-in-one solution that incorporates local backup and recovery with a secure, cloud-based repository and full disaster recovery in the cloud. All of this administered from a multi-tenant cloud portal that allows MSPs to view, manage, and recover client data from a single interface. 

From servers to virtual machines, Datto SIRIS is the secure business continuity solution built for MSPs to protect client data. Security comes first with two-factor authentication and the immutable Datto Cloud to deliver the all-in-one solution for backup and recovery in a ransomware world.


Datto’s Global State of the Channel Ransomware Report

Ransomware is a growing problem for businesses of all sizes. In our annual report, learn about the risks MSPs and the channel face, and how businesses are working to combat ransomware.

Read More
Relevant Articles

Subscribe to the Blog