SMBs are the Conduit to a Successful Ransomware Attack

December 11, 2020

SMBs are the Conduit to a Successful Ransomware Attack

By Courtney Heinbach

If there’s one thing we learned from our latest State of the Channel Ransomware Report, it’s that there is still a lot of work to do to educate and create awareness about the very real threat of ransomware to small and medium businesses (SMBs). Managed service providers (MSPs) shared insights into the disconnect between how concerned they think clients should be about ransomware vs. the level of concern they see from their SMB clients. Alarmingly, MSPs report only 30% of SMBs are “very concerned” about ransomware.

While there were encouraging signs like an increase in security spending, the cost of downtime and other damaging effects of ransomware are only just beginning to hit home. Employees are typically the first point of entry for ransomware into an organisation. Unbeknownst to them, they are clicking or falling prey to deceptive tactics used by cybercriminals to gain access and then wreak havoc across a company’s systems.

We can’t stress this enough: Education is an essential piece of an effective ransomware protection strategy. This year’s survey results make that clear: Phishing, poor user practices, and lack of end user cyber security training were the three most common causes of successful ransomware breaches.

Security training must go beyond just how to identify phishing attacks. While phishing topped the list, weak passwords, open Remote Desktop Protocol (RDP) access, and a host of other user errors were also to blame for breaches.

Here are the top five leading causes of ransomware attacks as reported by MSPs:

  • Phishing emails (54%)
  • Poor user practices/gullibility (27%)
  • Lack of cyber security training (26%)
  • Weak passwords/access management (21%)
  • Open RDP access (20%)

*Survey respondents were asked to select three answer choices.

Two Key Takeaways to Share with your SMB Clients

Prepare employees to be the front line of defence. Today’s companies must provide regular and mandatory cyber security training to ensure all employees are able to spot and avoid potential attacks. Better security training could significantly help to mitigate ransomware attacks. To be effective, training needs to simulate real threats and test employees’ ability to detect a suspicious attempt to gain access. When an employee fails to identify the threat, they should receive additional training.

Implement a continuity strategy. With no surefire way of preventing ransomware attacks even with proper security solutions in place, a continuity strategy becomes essential. A plan needs to detail how to respond, remediate, and recover quickly once an attack has happened. Communication and collaboration are key as well as transparency to limit the impact on their reputation. A business continuity and disaster recovery solution can be effective in dealing with attacks because it can recover server workloads locally or in the cloud helping to minimise business interruption following a ransomware attack. Since ransomware is designed to spread across networks and SaaS applications, endpoint and SaaS backup solutions designed for fast restores are also critical.

Datto’s Global State of the Channel Ransomware Report

Ransomware is a growing problem for businesses of all sizes. In our annual report, learn about the risks MSPs and the channel face, and how businesses are working to combat ransomware.

Read More
Relevant Articles

Subscribe to the Blog