Businesses paid $301 million to ransomware attackers in 2016, according to a new study from security company Datto Inc.
The company surveyed more than 1,700 managed service providers (MSPs) who work with more than 100,000 small-to-mid-sized businesses (SMBs) around the world. Ninety-nine percent of MSPs predict a rise in ransomware attacks will continue over the next two years.
The survey also found that about 5 percent of all SMBs worldwide fell victim to ransomware over the past year. Most of the financial strain of these attacks occurs not as the result of the ransom demanded by attackers, but because of the resultant downtime and data loss.
“The impact of downtime affects SMBs far more than the cost of ransom requests,” said Robert Gibbons, CTO at Datto. He said 75 percent of MSPs reported having clients that experienced business-threatening downtime as a result of a ransomware attack.
Ransomware incidents have been more frequent in 2017 than in previous years, according to 97 percent of MSPs. A majority (86 percent) said small business clients were victimized by ransomware within the last two years and 15 percent report six or more attacks affecting their clients over the last year.
More ransomware attacks are being reported to the authorities, the study said, but the majority of incidents are not. In 2016 and so far in 2017 slightly less one in three SMB ransomware attacks have been reported to authorities.
