Cost of Ransomware Related Downtime Increased More Than 200 Percent, an Amount 23 Times Greater Than the Ransom Request

October 16, 2019

Datto Global Survey Uncovers Business Impact and Increasing Frequency of Ransomware Attacks

Norwalk, CT — October 16, 2019 — Datto, Inc., the leading global provider of IT solutions delivered through managed service providers (MSPs), today announced findings from its fourth annual Global State of the Channel Ransomware Report. The survey of more than 1,400 MSP decision makers that manage the IT systems for small-to-medium-sized businesses (SMBs) found that ransomware remains the most common cyber threat to SMBs.

Ransomware, a kind of malicious software, makes business data inaccessible until a ransom is paid. While it is used against businesses of all sizes, SMBs have become a prime target for attackers. The 2019 Global State of the Channel Ransomware Report uncovered a number of ransomware trends specifically impacting the SMB market:

  • Ransomware attacks are pervasive. The number of ransomware attacks against SMBs is on the rise. Eighty-five percent of MSPs reported attacks against SMBs over the last two years, compared to 79 percent of MSPs who reported the same in 2018. In the first half of 2019 alone, 56 percent of MSPs reported attacks against SMB clients.
  • A disconnect exists on the significance of ransomware as a threat. Eighty-nine percent of MSPs report that SMBs should be very concerned about the threat of ransomware. However, only 28% of MSPs report SMBs are very concerned about the threat.
  • The cost of ransomware is significant. Sixty-four percent of MSPs report experiencing a loss of business productivity for their SMB clients while 45 percent report business-threatening downtime. The average cost of that downtime is $141,000, a more than 200 percent increase over last year’s average downtime cost of $46,800. The report also uncovered that the cost of downtime is now 23 times greater than the average ransom request of $5,900.

One of the most basic and effective controls when it comes to ransomware preparation is being underutilized. MSPs report enabling 2FA on only 60 percent of email clients and 61 percent of password managers, despite the fact that the majority of MSPs (67 percent) claim phishing emails are the leading cause of ransomware breaches at SMBs.

Business continuity and disaster recovery (BCDR) solutions have continued to prove to be the most effective in lessening the impact of a ransomware attack. Ninety-two percent of MSPs report that their clients with BCDR solutions in place are less likely to experience significant downtime during an attack. In addition, four out of five MSPs state victimized clients with BCDR tools in place recovered from an attack in 24 hours or less, while less than one in five MSP clients without BCDR were able to do the same. MSPs are in a unique position today to educate SMBs on how to protect against a ransomware attack, including employee training and the tools to implement.

“Protecting our SMB clients from cyber attacks like ransomware requires an understanding of their business, detailed preparation, and the right mix of technologies,” said Jason Grilo, Network Operation Center Manager at Solūt, an MSP that specializes in providing creative IT solutions to meet the individual needs of their clients throughout Edmonton, Canada. “IT downtime can cripple a small business, making it critical to have a proactive approach to cybersecurity. As ransomware attacks continue to increase in frequency and sophistication, we’ll work directly with our clients to help reduce the risk and impact of an attack.”

MSPs are also a prime target of ransomware attacks, with the Department of Homeland Security issuing warnings to MSPs this time last year. Four out of five MSPs state that they are increasingly targeted by attackers. However, only half of MSPs have external expertise available to help them in the event of a large scale attack against them or their clients. Sixty percent of MSPs do, however, carry cyber liability insurance to help offset the cost associated with a ransomware attack.

“MSPs need to set the tone for their SMB customers when it comes to preparing for and responding to ransomware attacks,” said Ryan Weeks, Chief Information Security Officer at Datto. “They need to protect themselves first by improving their organization’s cyber hygiene in order to keep their clients safe. MSPs must adopt 2FA universally for any technology they use to service clients, as well as their own business. In a climate where cyber attacks have become an everyday occurrence, 2FA across all technology solutions is one of the most effective controls to reduce the likelihood of a successful attack.”

For more information, download Datto’s State of the Channel Ransomware Report.

About Datto

As the world’s leading provider of IT solutions delivered by Managed Service Providers (MSPs), Datto believes there is no limit to what small and medium businesses can achieve with the right technology. Datto offers business continuity and disaster recovery, networking, business management, and file backup and sync solutions, and has created a one-of-a-kind ecosystem of partners that provide Datto solutions to businesses across the globe. Since its founding in 2007, Datto continues to win awards each year for its rapid growth, product excellence, superior technical support, and for fostering an outstanding workplace. With global headquarters in Norwalk, Connecticut, Datto has international offices in the United Kingdom, Netherlands, Denmark, Germany, Canada, Australia, China, and Singapore. Learn more at

# # #

Media contact:

Jackie D’Andrea

InkHouse for Datto

Phone: 781-966-4143