A new report has found that the construction industry is the most targeted by ransomware globally, most likely due to market factors making it difficult to invest in IT staffing or services.
IT company Datto Incorporated’s Global State of the Channel Ransomware Report found that the ups and downs of the economy and rarity of recurring revenue has impacted the construction industry’s ability to protect itself from ransomware, a concern for a sector that can benefit greatly from digitisation and 5G.
Ransomware is a type of malicious software that makes business data inaccessible until the ransom is paid. It is used against businesses of all sizes; however the report finds that small to medium businesses have become a prime target for attackers.
The report is based on a survey of more than 1400 managed service providers (MSP) that oversee IT systems for small to medium businesses.
It also found that the number of ransomware attacks against small to medium businesses is on the rise, with 91 per cent of MSPs in Australia and New Zealand reporting attacks against small to medium businesses, the highest rate globally.
Related stories:
- Intel insight: data is the new oil
- 4D mapping to revolutionise Victorian urban planning
- Real-time data is a game changer for construction
There is a disconnect between MSPs and businesses about the significance of ransomware as a threat, according to the report, which found 89 per cent of MSPs said that small to medium businesses should be concerned, but only 28 per cent of them were.
The cost of ransomware was also found to be significant, with 64 per cent of MSPs reporting a loss of business productivity while 45 per cent reported business-threatening downtime. The average cost of this downtime was found to be US$141,000 (around $207,000), more than 200 per cent higher than the previous year’s average downtime loss.
“Ransomware attacks most often succeed through very sophisticated phishing techniques – for example, when someone clicks on something they shouldn’t and the malware infiltrates their contact list – the attackers then use those credentials to exploit further,” said ASI Solutions Head of Services Daniel Johns.
“As such, a proactive approach to cybersecurity, including user awareness and training, is vital.”