American Small Businesses Lose an Estimated $75 Billion a Year to Ransomware, New Datto Survey Finds

Sep 07, 2016

91% of IT Service Providers Report Having Clients Victimized by Cyber-Attackers, But Less Than a Quarter of Businesses Currently Report Attacks to Authorities

91 Percent of IT Service Providers Report Having Clients Victimized by Cyber-Attackers, But Less Than a Quarter of Businesses Currently Report Attacks to the Authorities

Norwalk, Connecticut, September 7, 2016 — Surveying more than 1,000 IT service providers in the United States and internationally, representing hundreds of thousands of small businesses, a new study by Datto, the leading provider of total data protection solutions for businesses around the world, revealed today that 91 percent of respondents reported having their clients victimized by ransomware in the past twelve months. A shocking 40 percent of survey respondents reported more than half-a- dozen separate attacks during the same time frame. In the United States, these attacks cause $75 billion in damages to small and medium-sized businesses, with downtime from ransomware often costing businesses more than $8,500 per hour.

The survey was among the first of its kind to shed light on the largely unknown but rapidly growing form of cyber attack in which hackers commandeer a company’s data and hold it under password protection until a considerable ransom is paid, usually in bitcoin - a digital, anonymous currency. One reason for the lack of awareness regarding ransomware, the survey also found, was the relatively low rate, roughly one in four, of businesses reporting attacks to the authorities.

In a clear indication of ransomware’s growth as a major impediment to business, 31 percent of respondents replied that they experienced multiple attacks in a single day, a number experts expect will continue to grow. Ransomware attacks like these can cause crippling downtime for businesses and 63 percent of survey respondents mentioned that a ransomware attack led to business-threatening downtime.

“Ransomware is not about a couple of hacker kids sitting in the basement and messing around,” said Austin McChord, Datto’s CEO. “It’s a major enterprise orchestrated by large and well-funded companies, and it’s becoming a massive problem for businesses, regardless of industry or geographical location. Our survey found that a considerable number of businesses experienced business-threatening downtime as a result of being attacked, and that most attacks sailed right past the anti-viruses and other measures small businesses think will protect them from such cyber crime.”

According to the survey’s other findings, the average ransom demanded ranges between $500 and $2,000—often a considerable expenditure for a small business with limited resources—with more than ten percent of respondents, however, reporting a ransom larger than $5,000. And payment, sadly, does not guarantee the data’s return: as much as seven percent of respondents reported incidents in which payment did not result in the secure return of the hijacked data.

While ransomware affected all industries, the most vulnerable to attacks were the professional services industry, health care, and construction and manufacturing. The overwhelming majority of respondents were American, with additional responses collected by managed service providers in Canada, Australia, the United Kingdom and elsewhere.

“As those of us in the industry know, and as business owners are only now beginning to realize, ransomware is likely to continue, costing the American economy hundreds of millions of dollars and jeopardizing the ability of tens of thousands of companies to carry on,” said Jeremy Koellish, Chief Operating Officer, TekTegrity. “As this survey proves, the only businesses who were able to successfully overcome a ransomware attack close to 100 percent of the time were those with backup and recovery solutions in place, and we hope more businesses pay attention and take the necessary precautions.”

About Datto:

Datto protects essential business data for tens of thousands of the world’s fastest growing companies. Our Total Data Protection platform delivers uninterrupted access to data on site, in transit and in the cloud. Through Datto’s network of partners, we provide companies with products and services designed to continually keep business running. Businesses rely on Datto for industry leading technology combined with unrivaled customer service. Datto is headquartered in Norwalk, Connecticut, and has offices in Rochester, Boston, Toronto, London, Singapore, and Sydney.