News Feature | April 27, 2016

What MSPs and VARs Should Know About Crypto-Ransomware

Christine Kern

By Christine Kern, contributing writer

2 New Strains Of Ransomware Reported

Downtime translates into major costs due to loss of access to data.

Downtime suffered by companies as a result of ransomware attacks can cost more than just the ransom demands, and the majority of MSPs and VARs are not recouping the time and money spent on wiping and restoring their computer systems. This according to findings from the 2016 Crypto-Ransomware Report.

Conducted by cloud business applications provider Intermedia, the survey found downtime translates into major data recovery costs, traumatized employees, reduced customer satisfaction, missed business deadlines, and lost sales. Surprisingly, 39 percent of IT consultants said they did not bill their customers for the time spent helping them recover from ransomware attacks, even though many customers were willing to pay an incremental fee.

Spotlighting the responses of nearly 300 experts, the report addresses what MSPs and VARS need to know about Crypto-Ransomware to help avoid the damage downtime can cause.

The report found 43 percent of IT consultants have had customers hit by ransomware, while 48 percent experienced an increase in ransomware-related support inquiries. Fifty-nine percent anticipate the number of attacks to increase in 2016. Industries with the most to lose from ransomware include accounting/finance/banking (64 percent), information technology (46 percent), government (45 percent) and e-commerce (36 percent), according to IT consultants.

One of the chief concerns regarding ransomware attacks is the loss of data access. The report found on average companies experienced a loss of access for three days, with most businesses experiencing one day of access. In the recent high-profile hospital ransomware attack on Hollywood Presbyterian Medical Center, the hospital systems were down for over a week before it decided to give in to demands and pay the estimated $17,000 ransom to return to business, as Health IT Outcomes reported. And in a separate attack, Methodist Hospital in Henderson, KY lost access for three days as it fought to fend off a ransomware attack that left it in an “internal state of emergency,” according to Health IT Outcomes.

Hollywood Presbyterian raised debate when it gave into hackers’ demands, and the Intermedia report found three quarters of IT consultants reported their affected customers did not pay the ransom. Of those who did pay, 71 percent got files restored and on average paid $250 per user in ransom.

When compared to IT consultants, more MSPs said they are extremely concerned (10 percent to 23 percent, respectively) regarding ransomware. The percentages changed for those who reported being very concerned, with MSPs at 20 percent, IT consultants at 25 percent, and VARs at 43 percent.

Ransomware also tends to attack larger businesses, according to the data: 89 percent victimized those with 10 or more employees; 60 percent hit those with more than 100 employees.

In the aftermath of an attack, 83 percent of those polled said they spent three days or less wiping and restoring impacted computers, with 13 percent spending no more than eight hours on the task and 7 percent spending more than a week on the restoration.

MSPs were also the fastest at the wipe-and-restore process (45 hours), compared to IT consultants 953 hours) and VARs (72 hours).