Managed service providers (MSPs) increasingly find themselves a prime target for ransomware. A recent attack on a U.S.-based MSP that impacted more than 100 of its clients is just one example, and sadly, attacks like this are becoming more and more commonplace.
Enticed by the promise of easy money, ransomware attackers have catapulted to the forefront. Indeed, global cyber insurance provider Beazley reported a 37% increase in ransomware attacks in the third quarter of 2019 compared with the previous quarter. Even more shocking is that a staggering 25% of all incidents were against MSPs.
MSPs are a natural target for hackers because they run IT systems and networks for many different clients. With a single attack, the bad guys can capture the critical data of not just one company, but many companies—and then hold that data for ransom at a very high price.
Hackers also know that MSPs will likely feel more pressure to pay the ransom. After all, if an MSP falls prey to ransomware, its customers could not only lose access to their data—they could also lose faith in the MSP.
As a result, MSPs need to take extra preventive and curative measures to protect themselves against the massive threat posed by ransomware. If they don’t, they risk losing customers—and potentially compromising their entire business.
3 Steps to Get Your Own House in Order
Here are three things MSPs can do today to dramatically reduce their exposure to this rapidly expanding threat:
1. Create a regular backup schedule and test backups. The best way to take the sting out of a ransomware attack is by backing up mission-critical data on a regular basis before an attack occurs. If MSPs have data stored in the cloud, they need to have another copy somewhere offline. If MSPs have backups stored on disks in their own data center, they must keep extra copies somewhere off-site. MSPs should also make it a habit to periodically test their backup copies to ensure they can reliably restore data when needed.
2. Invest in patch management. As the adage goes, an ounce of prevention is worth a pound of cure. This is especially true when it comes to ransomware. The good news is that experts estimate that up to 30% of all ransomware attacks can be prevented by simply having updated and patched software. With that, having a simple patch management program in place can prevent ransomware from sneaking in through the back door. MSPs must regularly update their systems and apply new patches as soon as they are released.
3. Promote good security hygiene. An MSP’s weakest security link is not the IT systems, it’s their people. This is especially true as hackers deploy new and pernicious social engineering techniques designed to trick employees. MSPs must make it a priority to educate and train all employees on how to spot malware. For example, if employees come across a link or an email that looks a bit odd, it probably is—so they should be trained to never open it. Every employee must understand the repercussions of a successful ransomware attack on the business.
Grow Business by Getting Your Clients’ Houses in Order
MSPs that effectively manage the ransomware problem will be at a significant advantage. Not only will they have their house in order, they can also grow their business by helping their customers combat these attacks. MSPs can play a vital role in educating their clients to better understand the current threat landscape and arm them with the tools they need to effectively protect their critical data.
One important way MSPs can protect their clients is by offering penetration testing services that measure how susceptible their existing defenses are to attack. The reality is that most organizations today do not perform security tests, which leaves them vulnerable to ransomware threats. As part of their penetration testing service, MSPs can send suspicious emails to their clients to gauge whether they open them or click on embedded links.
MSPs can also help their clients implement strategies around data backup and recovery. For example, by deploying or recommending the right backup solution, MSPs will be in a better position to quickly react to ransomware attacks and undo any damage. Specifically, MSPs should leverage modern data backup solutions that continually take snapshots of data every 90 seconds, thus creating a series of recovery points and ensuring that, even if ransomware does sneak through, the customer’s information will remain intact.
Ransomware is not going away. If anything, the problem will continue to grow in severity as companies leverage technologies like IoT, artificial intelligence, and 5G to process ever more data, which can be compromised and held captive by ransomware attacks. MSPs can play a vital role in helping clients stay a step ahead of the risks by first protecting themselves, and then helping their clients protect their data—and their business.
ANDY ZOLLO is vice president of worldwide sales at StorageCraft Technology Corp.