Business Daily Media

Business Marketing


Defending against ransomware – it’s a matter of when, not if

  • Written by James Bergl, Regional VP, ANZ at Datto

Ransomware is the single biggest cyberthreat facing businesses today. Being attacked by cybercrooks using ransomware is a matter of when, not if. So, if you’re going to come under attack, what are some preventative measures you can take to ensure that your business will continue as usual?

Datto’s recent Annual Global State of the Channel Ransomware Report surveyed 1000 managed service providers (MSPs) around the world on what they’re seeing when it comes to this malicious software and the criminals behind it.

The report makes for sobering reading, with around 70 per cent of MSPs reporting that ransomware is the most common malware threat to small and medium sized businesses.

Ransomware is a particularly insidious form of attack, as crooks will use techniques like phishing (sending legitimate-looking emails that encourage an unsuspecting user to open them and click on a link that downloads malware), to get access to a computer and from there to the business network.

Once the criminals have access to the network, they do two things. The first is that they extract precious business data – known as exfiltrating – and upload it somewhere they can access it later. Then they encrypt all the data on the network, making it impossible for the business to keep running.

Once they’ve done those things, they issue demands: pay up or we will release your data to the world, and if you don’t pay, your data will stay encrypted.

The cost of ransomware

The costs associated with a ransomware attack are dramatic. Sixty-two percent of businesses hit by ransomware report experiencing lost productivity. Thirty-nine per cent say that they undergo business-threatening downtime, while 28 per cent report lost data and 24 per cent decreased profitability.

However, it’s the downtime that’s associated with a ransomware attack that is the real killer. Although ransoms haven’t gone up much over the last couple of years, and average around $4,400 in Asia-Pacific, the costs associated with the downtime that a business will experience until it can deal with the attack are constantly rising. Our research found that the average downtime cost for a business in Asia-Pacific is just over a quarter of a million dollars, a figure that has risen 94 per cent since 2019.

Small and medium sized businesses aren’t the only ones being attacked. Ninety-five per cent of managed service providers also report they are coming under fire from ransomware, and 84 per cent of those surveyed said they were very concerned about the threat.

Contrast this to the MSP’s clients, of which only 30 per cent are concerned about being hit with a ransomware attack.

The causes of ransomware and how to defend against it

The single biggest defence an MSP or SMB has against being hit by ransomware is having a business continuity and disaster recovery (BCDR) solution. Ninety-one per cent of MSPs reported that clients who have this type of defence are less likely to experience significant downtime during a ransomware attack.

Business continuity and disaster recovery is a broad set of tools, from backup and recovery through to endpoint protection that allows a business to quickly bounce back if it is hit by a ransomware attack. BCDR means being able to get the organisation up and running quickly again, minimising downtime, and reducing the need to pay a ransom to the cybercrooks.

The leading cause of a ransomware infestation is from phishing emails, followed by poor user practices, a lack of cyber security training and weak passwords.

That’s why, along with BCDR, the best defence against these nasty attacks is to ensure that the business has prepared their staff to be the frontline of the defence strategy. MSPs and SMBs must provide regular and mandatory cybersecurity training to give staff the ability to spot and avoid potential attacks.

With ransomware being the number one cyber threat facing business, having a solid BCDR strategy is absolutely vital. But along with that comes the need to train staff to spot attacks before they happen – this means giving them the knowledge to see a phishing email for what it is, along with practicing good cyber hygiene with strong passwords and good access management.

While it’s likely that most businesses will get hit by ransomware, being prepared is the best way to bounce back, and avoid the crippling costs of these attacks.


Australia’s leading online book retailer Booktopia Group Limited (ASX: BKG) (“the Company”) is  pleased to announce it has finalised a $12 million f...


6 International Expansion Strategies to Achieve Global Competitive Edge

Business growth has always been the number one priority of every business. Growing the business and expanding it from one city to a statewide lo...

Business Training

How to Get Your Business Found Online

Nowadays, getting your business out there means leaving digital footprints online ‘large’ enough so your customers can see and hopefully click and...

Business Training

How to Improve Marketing Strategy Using Surveys

Every business owner knows how important marketing is. However, there are more than a few ways to go about forming your marketing strategies. Many m...

Business Training

The Rise and Rise of Cyber Threats: Why Due Diligence is More Important Than Ever

It’s no surprise that Australia, like many countries, is facing a rise in cyber security threats with the latest Australian Cyber Security Center ...

Business Training

Most Attractive Places for Horse Riding Lovers in Spain

With a long and rich history of horse riding culture, Spain is one of the most popular destinations of its kind, not only in Europe but in the wor...

Business Training