Story image

What MSPs can learn from Datto’s Channel Ransomware Report

14 Nov 2018

Article by Datto Asia director Nop Srinara.

Ransomware is an issue which has gained a lot of attention over the past few years, dominating headlines, with widespread global attacks like WannaCry, GoldenEye and NotPetya, proving that any business could be a potential target.

But as the news of attacks dies down and headlines become less frequent, are we right in thinking that the threat is also reduced?

To find out, we launched our third State of the Channel Ransomware Report, asking more than 2,400 managed service providers (MSPs) supporting the IT needs of nearly half a million SMBs in Asia-Pacific and across the globe, what they are seeing on the ground.

What we found was quite staggering:

1.    The frequency of attacks is increasing

While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing, with more than 55% of MSPs stating that their clients experienced a ransomware attack in the first six months of 2018, and 35% reporting that their clients were attacked multiple times on the same day.

In fact, 92% of MSPs predict the number of attacks will continue at current or increased rates. In Asia-Pacific, businesses were most susceptible to ransomware attacks via Android and Software-as-a-Service applications than anywhere else in the world.

2.    Complacency among SMBs may be putting them at risk

Despite these findings, the study also revealed that there may still be complacency among the businesses in APAC, with less than 1 in 4 businesses failing to report attacks, and most attacks occurring due to human error, including team members clicking on malicious links, websites, web ads or phishing scams.

3.    Basic security is not enough

85% of MSPs reported that ransomware victims had antivirus software installed, 65% reported victims had email/spam filters installed, and 29% reported victims had pop-up blockers, which failed to block ransomware attacks. The study also revealed a fivefold increase in the number of MSPs reporting ransomware attacks on macOS and iOS platforms over the last year.

So what’re the key takeaways for MSPs?

Put simply, it’s clear that there is still a long way to go when it comes to educating SMBs on the threat that ransomware could pose for their businesses, but as an MSP it’s your job to do what it takes to keep your customers protected, which in turn provides you with an excellent opportunity to shine, proving that you have your customer’s interests at heart – and have the knowledge and expertise to keep their business safe at all costs.

To do this we recommend a 3 pronged approach:

1.    Training is key

As the study indicates, most of the time the weakest link inside any organisation is the employees themselves. Providing basic training on what to look out for or common mistakes made through clicking malicious links could mean the difference between a secure network and an unsecure one. Your customer’s data is valuable, so having clearly defined protocols in place to mitigate risk is essential. Customising levels of access by necessity can also be a great way to reduce the risk of a breach. Being overly cautious is never a bad thing when it comes to ransomware.

2.    Prevention

Prevention is always better than remediation, so having a watertight security posture which covers each and every endpoint is going to be step one in keeping your client’s business protected. Of course, every business is different, so installing a security solution which provides maximum coverage, with minimum disruption to daily operations will be key. Aside from this, making sure that any software is regularly updated and patched against specific threats is essential, while choosing a solution which provides full visibility over the network in real-time could help you to act fast if the worst happens.

3.    The Road to Recovery could save the day

While proper cybersecurity protection is essential, it’s safe to assume that hackers will always find a way. This means that recovery is just as important as prevention, so providing your customers with a recovery roadmap, could be a make or break. In fact, as our study shows, when it comes to ransomware, business downtime is often up to 10 times costlier to businesses than the ransom itself, with attacks costing businesses an average of $46,800, with ransom requested averaging $4,300 per attack.

It makes sense then that having a Business Continuity and Disaster Recovery (BCDR) solution that can restore access to servers and data with the least amount of recovery time objective (RTO) will be your customer’s lifeline if the worst happens. In fact, our study also revealed that 90% of MSPs reported that clients with BCDR in place were able to fully recover from an attack within 24 hours. Not only does this approach offer peace of mind, but it could also offer serious cost savings by limiting business critical downtime.

To conclude, ransomware continues to be a thorn in the side of SMBs, however by providing your clients with the right information and solutions, you can substantially reduce the risk of their business being affected by attacks. Not only this, but such a value-add could notably enrich your relationship with your clients, who can rest safe in the knowledge that their business and its assets are in safe hands.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.