Nobody is invincible: Datto reveals the facts behind APAC MSP ransomware report
Late last year Datto put the all-powerful and all-ubiquitous threat of ransomware in the spotlight after releasing its APAC MSP Ransomware Research report, which surveyed 103 managed service providers (MSPs) from Australia, New Zealand, Singapore, Malaysia and the Philippines.
We spoke with James Bergl about the report, its effects on how managed service providers operate now - and in the future.
“Datto's growth is extremely high at the moment. From an organisational perspective we have more than 800 staff at the global level. A lot of those staff are going into support and R-D in terms of product enhancements. I don't think I've experienced such fast innovation in terms of the types of products that are seen with Datto,” he says.
The company has built its name on cyber threats and ransomware, and the industry is more turbulent an ever.
The APAC ransomware research report found that a quarter of MSP said their clients have experienced multiple ransomware attacks in a single day, and 85% of them have experienced an attack in the last 12 months.
“The level of success comes down to whether attackers received the fee for ransomware. 45% of business identified that they have business-threatening downtime and 58% of them actually lost their data. In terms of the average ransomware fee, it worked out at around $12,000 in terms of the fee that was paid,” Bergl says.
But it's not about loss, as he says there are opportunities to recover and restore from a previous backup image. It's just a matter of how quickly organisations can get their businesses operational again.
“Just because you can restore and not necessarily pay the fine of $12,000 - if it takes you one or two days to get operational again you could be looking at tens or hundreds of thousands of dollars of downtime.
It takes a multi-layered approach to ransomware to tackle the ever-changing nature of ransomware, Bergl says.
“A lot of the MSPs we surveyed use a multi-layer security approach. They'll use antivirus, anti-malware, software, backup, firewalls. But none of those things, standing alone, can be bulletproof. Even if all of those solutions are in place, the innovation and evolution of ransomware, there's new strains that are always looking to bypass those security measures,” Bergl says.
“We believe – and this has resonated with our channel partners too – that backup and disaster recovery technology is a core part of that security stack. The piece that Datto can do successfully is provide limited downtime through fast restore.
“So when someone opens an email, which is one of the primary ways ransomware gets into the network and can bypass antivirus and anti-malware, what Datto is able to do is quickly restore from a previous image before the ransomware came in, all within a few minutes.
The report found that 78% of MSPs believe ransomware will increase, but 49% of those believe there will only be a slight increase in ransomware activity.
Bergl says it's an interesting contradiction, but what's missing from the equation is ultimately education.
“It's education from the channel partners; the vendors and security vendors such as ourselves; it's educating the MSPs; and it's also going to be educating the end users.
He says that Datto works with channel partners through seminars, training and through end user presentations.
“We're continually investing. This ransomware survey is an example of our commitment to understanding what is in place in the market, sharing that knowledge in an open manner and then helping our partners to deliver that content. The benefits are risk analysis to their end customers.
One of the standout statistics from the ransomware report showed that 2% of MSPs feel ‘invincible' against cyber attacks. Why is this the case? Bergl says nobody should feel invincible against ransomware, even if they've got a robust, multi-layered security stack.
“The chances of that being able to protect someone in six months are always going to be moving. It's very important to keep your finger on the pulse with what's happening in the market, what the threat landscape looks like and continually aligned solutions to deliver business goals. For us, that's delivering continuity. “
Looking at the overall theme of the ransomware report, Bergl says that it's surprising that end users aren't quite aware of the breadth of the problem.
“One of the things that the survey identified is that it's not just a particular type of business. It's not just large, midsize, small businesses or particular verticals. The attacks are across the entire spectrum. It doesn't matter whether you're a one-man-band or a multinational corporation, the opportunity for ransomware to get into these particular networks is equal across the entire board.
“We believe nobody is invincible and education is a critical part. Education from the channel perspective to their customers that it doesn't matter who you are, you are at risk of getting hit,” Bergl says.
“We hear time and time again that ‘it hasn't happened to me and it won't happen to me'. I think that's a risky strategy as an owner of a small business. If we can begin to share some of these statistics and provide the education on what it means to them – whether they're a medical practice or manufacturer or an accountancy firm – it really can happen to anyone.