According to a recent report from cyber intelligence company Group-IB, the number of ransomware attacks grew by 150% in 2020. These attacks caused an average of 18 days of downtime for the affected companies – the majority of which were large enterprises – while the average ransom increased nearly twofold.
Another report found that the number of detected ransomware attacks increased seven-fold in 2020 compare to 2019, highlighting the scale of the issue now facing businesses and their security teams.
Much of this has been driven by the fallout from the Covid-19 pandemic. The significant business disruption, combined with the widespread shift to remote working over the last 12 months, has created a perfect storm of factors for hackers to exploit. And they have embraced the opportunity, with attacks growing in scale and sophistication.
With all this in mind, there can be no escaping the fact that ransomware will remain one of the top global security threats in 2021 and beyond as cybercriminals continue to capitalise on what has quickly become a multi-billion dollar industry. Managed Service Providers (MSPs) must respond by investing in the best partnerships so that they can offer their customers the protection they need from this evolving threat.
Traditional defenses falling short
Organisations in both the public and private sector are targets for attackers, and this includes big corporations such as Colonial Pipeline and Brenntag, that no doubt had security measures in place. Despite this, they ended up paying around $4.4 million in ransom payments, which highlights how difficult it is to prevent ransomware attacks.
A major challenge facing businesses is that common prevention efforts – such as phishing awareness training and anti-malware software – have proven either ineffective or unreliable. Ransomware is able to circumnavigate many of the network and user security approaches that businesses have traditionally relied on.
For example, hackers commonly employ social engineering and phishing techniques to dupe authorised users into providing their access security credentials, giving the attacker authorised access to the systems on the network. Although training can help to mitigate this threat, human nature makes it impossible to guarantee security. The risk of human error will always be prevalent.
In an attempt to protect against the growing ransomware threat, more businesses have turned to the expertise of MSPs, which typically provide the regular IT security measures such as firewalls and anti-virus tools. However, in today’s world, these solutions that are designed to prevent ransomware or reactively contain an attack become obsolete faster than ever before. Threats and their identifying signatures are continuously evolving, putting MSPs and businesses on the back foot.
Finally, data encryption is a common bulwark against ransomware – but it too falls short. Although this can prove effective where cyber-criminals want to access and share the data, with ransomware the data can simply be re-encrypted to prevent the rightful owners from accessing it.
There is more to security than these technology measures. It’s clear that, as MSPs and their customers move into cyber criminals’ crosshairs, a better solution is needed. This is where Ransomware Protection-as-a-Service (RPaaS) comes into play.
The need for RPaaS
Rather than tools that attempt to shield organisations from attacks, today’s businesses need access to solutions that protect data backups to allow quick recovery in the event of an attack.
MSPs can meet this need through RPaaS solutions that use S3 Object Lock, which works by locking data on a storage device so that it cannot be changed or deleted within a defined time period. This capability enables users to make backup data copies immutable and, therefore, invulnerable to hacker encryption or deletion. The data immutability ensures availability of a clean data copy for quick and reliable recovery in the event of a ransomware attack, helping organisations to minimise recovery costs and ensure business continuity.
The additional benefit of Object Lock is that it’s enabled through object storage solutions, providing additional cost and scalability benefits compared to other data backup targets. Traditional hardware backup targets are expensive and limited in terms of scale, while public cloud targets can result in lengthy restore times. By leveraging RPaaS through object storage, MSP customers will benefit from fast and cost-efficient data availability that enables them to overcome the potentially devastating operational and financial impact of ransomware.
Ultimately, the need for a new approach to data protection has never been greater. Cybercriminals have the upper hand, but there are clear steps MSPs and their customers can take to win back control of their business-critical data.
The key is to move beyond traditional ransomware protection by building data immutability into security infrastructures. With Object Lock protection provided through an RPaaS solution, modern businesses can be confident that they can overcome threats to their continuity, productivity and data security– even potentially debilitating ransomware attacks.