Despite cybersecurity professionals’ efforts to curb ransomware attacks amid the COVID-19 pandemic, threat actors have been continuing to do what they do best in crisis times — taking advantage of fear and uncertainty. MSPs — and their clients — are stuck in the middle of all the chaos.
Of course, malicious actors attacking MSPs isn’t anything new. Cybercriminals have been targeting MSPs and their clients for several years now. What’s new is the frequency of these undeniably destructive attacks. And the bad news for MSPs (and, again, their clients) is threat actors have been successful with ransomware attacks time and time again. Cybercriminals have learned that it’s more significantly more lucrative to attack MSPs with unfettered access to many networks instead of a business with only one.
Suppose MSPs, especially those in the U.S., continue to fail to protect themselves and their clients against ransomware attacks adequately. They’re going to be in a world of hurt in the coming months (and maybe even out of business).
Even though malware incidents dropped in H1 2020, ransomware attacks in the U.S. are on the rise. Ransomware is up 105 percent in North America — including a 109 percent increase in the U.S., where it increased to 80 million, according to a report, titled “Mid-Year Update: 2020 SonicWall Cyber Threat Report,” published by cybersecurity solutions company SonicWall.
Additionally, on average, ransomware attacks cause 15 days of downtime and significant financial damage in many circumstances. Thirty-five percent of MSPs that had experienced a ransomware event cited financial damages above $1,000,000, according to a report titled “2020 Ransomware Resiliency Report”, conducted by NinjaRMM.
When they’re unable to detect appropriately, contain, and control ransomware attacks, MSPs are leaving themselves and their clients vulnerable to threat actors, many of whom are becoming more sophisticated in their attacks. While MSPs must take (at the very least) necessary steps to safeguard against ransomware attacks, including embracing multi-factor authentication, configuring security system alerts, backing up data regularly, and boosting MSP employee awareness, it’s not enough. Ransomware continues to mature at an alarming rate.
But what’s truly fascinating is many MSPs still aren’t taking the proper action to protect themselves from ransomware attacks, despite the increasing number of cybercriminals exploiting security vulnerabilities in the solutions MSPs use to remotely install ransomware. And even when MSPs are cautious and follow protocols, the products they use to monitor and manage client networks remotely and systems fall short.
When these products fail, MSPs are stuck doing damage control. Fortunately, for MSPs, they can avoid this fate more often than not if they deploy solutions designed to automate policies and monitoring. These products act as another layer of protection and eliminate human error. With automation, policies are enforced, vulnerable protocols are closed, and clients are kept safe from cybercriminals attempting to install ransomware on their networks.
Threat actors aren’t backing down anytime soon. Now’s the time for MSPs to remain vigilant and be proactive. While cybercriminals are using various methods to install ransomware on unprotected networks, they’re primarily targeting MSPs through remote monitoring and management (RMM) software.
And when threat actors succeed, MSPs and their clients lose.