How IT service providers can protect against ransomware
Managed service providers (MSPs) are suddenly finding themselves a prime target for ransomware.
The recent attack on global IT services giant Cognizant, which caused disruption to customers in the banking, oil and gas industries, is just one example, and sadly, attacks like this one are becoming more and more commonplace.
MSPs are a natural target for hackers specifically because they run IT systems and networks for many different clients. With a single attack, the bad guys can capture the critical data of not just one company, but many companies—and then hold that data for ransom at a very high price.
Hackers also know that MSPs will likely feel more pressure to pay the ransom. After all, if an MSP falls prey to ransomware, its customers could not only lose access to their data—they could also lose faith in the MSP.
As a result, MSPs are now waking up to the massive threat posed by ransomware and their need to protect against it. If they don’t, they risk losing customers and potentially compromising their entire business.
Enticed by the promise of easy money, ransomware attackers have catapulted to the forefront. Indeed, global cyber insurance provider Beazley reported a 37% increase in ransomware attacks in the third quarter of 2019, compared to the previous quarter. Even more shocking is that a staggering 25% of all incidents were against MSPs.
The ransomware problem will continue to grow in severity as companies leverage technologies like IoT, artificial intelligence and 5G to generate ever more data—data that can be compromised and held captive by ransomware attacks. Here are three things MSPs can do now to dramatically reduce their exposure to this rapidly expanding threat.
1. Create a regular backup schedule and test your backups. The best way to soothe the sting of a ransomware attack is by backing up your mission-critical data on a regular basis. If your data is stored in the cloud, be sure to have another copy somewhere offline. If you have backups stored on disks in your data center, keep extra copies somewhere offsite. MSPs should also make it a habit to periodically test their backup copies to make sure they can reliably restore data.
2. Invest in patch management. As the adage goes, an ounce of prevention is worth a pound of cure. This is especially true when it comes to ransomware—and the wad of cash you’ll need to “cure” the problem and make it go away. The good news is that having a simple patch management program in place can prevent ransomware from sneaking in through the back door. Make sure you regularly update your systems and apply new patches as soon as they are released.
3. Promote good security hygiene. Your weakest security link is not your IT systems; it’s your people. This is especially true as hackers deploy new and pernicious social engineering techniques designed to trick employees. Make it a priority to educate and train all your employees on how to spot malware. For example, if employees come across a link or an email that looks a bit odd, it probably is—so they should be trained to never open it. You should also help them understand the repercussions of a successful ransomware attack on your business.
MSPs that effectively manage the ransomware problem will be at a significant advantage. Not only will they have their house in order, they can also grow their business by helping their customers combat these attacks. MSPs can play a vital role in educating their clients to better understand the current threat landscape, as well as arming them with the tools they need to effectively protect their critical data.
One important way MSPs can protect their clients is by offering penetration testing services that measure the existing defenses of clients and how susceptible they are to attack. The reality is that most organisations today do not perform security tests, which leaves them vulnerable to ransomware threats. As part of their penetration testing service, MSPs can send suspicious emails to their clients to gauge whether they open them or click on embedded links.
MSPs can also help their clients implement strategies around data backup and recovery. For example, by deploying or recommending the right backup solution, MSPs will be in a better position to quickly react to ransomware attacks and undo any damage. Specifically, MSPs should leverage modern data backup solutions that continuously take snapshots of data every 90 seconds, thus creating a series of recovery points and ensuring that, even if ransomware does sneak through, the customer’s information will remain intact.
Ransomware is not going away. If anything, the problem is only getting worse, threatening to cripple organisations large and small. MSPs can play a vital role in helping clients stay a step ahead of the risks to better protect their data—and their business.
This article was contributed by Leo Lynch, Director of Sales, ANZ, StorageCraft