October 12, 2020
MSP Q&A: Ransomware Realities for MSPs and Their Clients
Ransomware has become an increasing threat to individuals and businesses alike and it seems unlikely that the threat will slow down any time soon. Organisations of all types and sizes have been impacted, leaving everyone vulnerable to an attack. In 2019, 83% of managed service providers (MSPs) reported ransomware as the most common malware threat to their small and medium business (SMB) clients. With ransomware on the rise, how are you going to protect you and clients?
We sat down with Steve Stokes, Operations Director, at Aura Technology a managed service provider based in Southampton, UK, to find out what pieces of advice he would give his peers in order to protect businesses against ransomware and why he thinks the attacks are on the rise.
Why do you think ransomware attacks have become so prevalent over the last few years?
Ransomware has become one of the most profitable organised crimes in the world, and because of this, attacks continue to increase, with each new strain becoming more sophisticated than the last. There are still a number of companies out there that do not invest in their IT infrastructure and do not have appropriate IT security measures in place to protect their data. These companies are the low hanging fruit for cybercriminals which makes it easy to get malware on their systems and to extort money from companies. It’s not like breaking into a bank which may need lots of planning and specialist skills to get into the safe to steal the valuables - getting ransomware onto a company's IT system can be as easy as sending one of their employees an email!
Do you think ransomware attacks will continue at the current level we are seeing?
I suspect we will continue to see an increase in threats and the criminals coming up with new and innovative ransomware hacks, combined with new social engineering methods. This year has also seen Windows 7 come to the end of its support life, which companies are still using in production, making them an easy target for cybercriminals.
As an MSP, what three pieces of advice would you give to your clients in regards to ransomware?
- Protect your IT systems - basic measures should include a BCDR solution, email filtering, firewall, and multi-factor authentication.
- Educate your staff - if you have all of the above in place, the weakest part of your IT system is your users and they must be educated to stay safe online.
- Use a password management application like KeyPass or EnPass to ensure you can have different passwords set for each of the systems you use.
Being ahead of the game can be tough. What advice would you give your peers when it comes to knowing about the latest developments in ransomware?
Keeping up to date on the latest news is essential. IT security vendors often issue newsletters, host webinars, and provide up to the minute information. Make sure you are subscribed to their news feeds and have people within your company that are responsible for keeping an eye on the ever-changing IT security landscape.
What one solution would you encourage every MSP to have, in order to better protect their clients against ransomware?
Personally, I’ve seen most threats enter into our customer IT environments via email, so a good email security solution is essential with business continuity product underpinning this. Email security is now very cost-effective, so there is really no excuse.
To learn more about how you can protect you and clients against ransomware, download Datto’s Global State of the Channel Ransomware report here.