Florian Malecki explains how MSPs can protect themselves and their customers from ransomware
Managed service providers (MSPs) increasingly find themselves a prime target for ransomware. According to global cyber insurance provider Beazley, there was a 37% increase in ransomware attacks in the third quarter of 2019, compared to the previous quarter. Even more shocking, a staggering 25% of all incidents were against MSPs.
The BlackBerry Cylance 2020 Threat Report also highlights the growing threat to MSPs posed by cyber criminals who increasingly view the channel as an attack point to spread ransomware, noting that ‘threat actors were able to widely distribute attacks by compromising managed security service providers and infiltrating their customers’ environments’.
MSPs are a natural target for hackers because they run IT systems and networks for many different clients. With a single attack, hackers can capture the critical data of not just one company but many and hold that data for ransom at a very high price. Moreover, hackers know that MSPs will feel more pressure to pay the ransom. After all, if an MSP falls prey to ransomware, its customers might lose not only access to their data but also faith in the MSP.
With the ransomware problem set to grow in severity as companies leverage technologies like IoT, artificial intelligence and 5G to process ever more data, MSPs that don’t take steps to protect themselves from the ransomware threat risk losing customers and potentially compromising their entire business.
Here are three things MSPs can do today to reduce their exposure to this rapidly expanding threat:
1. Create a regular backup schedule and test backups. The best way to take the sting out of a ransomware attack is to ensure mission-critical data is backed up on a regular basis before an attack occurs. If data is stored in the cloud, MSPs should be sure to have another copy somewhere offline. If backups are stored on disks in a data centre, extra copies should be kept somewhere offsite. MSPs should also make it a habit periodically to test backup copies to ensure they can reliably restore data when needed.
2. Invest in patch management. As the saying goes, an ounce of prevention is worth a pound of cure. This is especially true when it comes to ransomware and the wad of cash that would be needed to ‘cure’ the problem and make it go away! Experts estimate that up to 30% of all ransomware attacks can be prevented simply by having updated and patched software, so the good news is that simply having a patch management programme in place can prevent ransomware from catching MSPs off guard. Systems should be updated regularly and new patches applied as soon as they are released.
3. Promote good security hygiene. An MSP’s weakest security link is not its IT systems, but its people. This is especially true as hackers deploy new and pernicious social engineering techniques designed to trick employees. The education and training of all employees on how to spot malware should be considered a priority. If employees come across a link or an email that looks a bit odd, it probably is, and they should be trained never to open it. They should also be made fully aware of the repercussions of a successful ransomware attack on the business.
A vital role
MSPs that effectively manage the ransomware problem will be at a significant advantage. They will have their house in order and be able to grow their business by helping their customers combat these attacks. MSPs can play a vital role in educating their clients to better understand the current threat landscape, as well as arming them with the tools they need to protect their critical data.
One important way MSPs can protect their clients is by offering penetration testing services that measure clients’ existing defences and how susceptible they are to attack. The reality is that most organisations don’t perform security tests, which leaves them vulnerable to ransomware threats. As part of a penetration testing service, MSPs can send suspicious emails to their clients to gauge whether they open them or click on embedded links.
MSPs can also help their clients implement strategies around data backup and recovery. By deploying or recommending the right backup solution, MSPs will be in a better position to react quickly to ransomware attacks and undo any damage. Specifically, MSPs should leverage modern data backup solutions that take snapshots of data every 90 seconds, thus creating a series of recovery points and ensuring that, even if ransomware does sneak through, the customer’s information will remain intact.
Ransomware is not going away. If anything, the problem is only getting worse, threatening to cripple organisations large and small. MSPs can play a vital role in helping clients stay ahead of the hackers by better protecting their own data and business.
Florian Malecki is International Product Marketing Senior Director at StorageCraft, a provider of advanced data management, protection and recovery solutions. Together with its channel partners, StorageCraft helps small and medium-sized organisations keep their business-critical information safe, accessible and optimised through intelligent data protection and management solutions, converged primary and secondary scale-out storage and world-class cloud backup and DRaaS services. Regardless of whether an organisation relies on on-premises, cloud-based or a hybrid IT environment, StorageCraft solves the challenges of exploding data growth while ensuring business continuity through best in class protection and recovery solutions.