Ransomware Made MSPeasy: The MSP’s Guide To Saving The Day

Jul 21, 2016

Ransomware Made MSPeasy: The MSP’s Guide To Saving The Day

BY Chris Brunau

Business Continuity Cybersecurity Ransomware

For managed services providers, the ransomware epidemic represents an opportunity to protect current clients through education on cybersecurity best practices while generating new business opportunities for the MSP shop.

I’ll dive into some ideas for educating your end users as well as ways to generate profits through the epidemic a bit later on (if you can’t wait, check out the full eBook linked at the end of this post). Today, let’s go over the basics of ransomware: its main characteristics, its prevalence and the top methods for distribution (and data destruction!).

There are many strains of ransomware in existence today and it is expected that new types of ransomware will continue to surface as time goes on. This is because cyber extortionists are constantly modifying ransomware code to evade detection by the most common defense technologies, such as security software. This year, we’ve witnessed a surge in “polymorphic” malware, which is a variant that changes automatically as if to appear as unique to different endpoints. This is a major issue, because traditional security software often fails to discover singular variants.

Most ransomware uses the AES algorithm to encrypt files. To decrypt files, hackers typically request payment in the form of Bitcoins or alternate online payment voucher services. The standard ransom demanded is about $500. Many variants also threaten that the ransom will exponentially increase if it not paid within a 72-hour window, such as Jigsaw. “We’ve seen it bite clients with varying severity,” said Frank Slattery of Teamlogic IT, a Massachusetts-based managed services provider.

Email is the most common method for distributing ransomware. It is generally spread using some form of social engineering; victims are tricked into downloading an e-mail attachment or clicking a link. Once the user takes action, the malware installs itself on the system and begins encrypting files.

In other cases, hackers install code on a legitimate website that redirects computer users to an alternative and malicious site. Unlike the spam email method, this approach requires no additional actions from the victim.

If you’re looking for more information about ransomware, including the common strains of ransomware in existence today and how it is spread, then you have come to the right place. In our latest eBook the MSPeasy series, you’ll get practical advice from MSPs and IT security professionals about how best to communicate the risk of ransomware to your clients so they understand the importance of investing in security, backup and recovery solutions. For all this and more, download our eBook: Ransomware Made MSPeasy.

Subscribe to the Blog