Article by Datto Asia director Nop Srinara.
Ransomware is an issue which has gained a lot of attention over the past few years, dominating headlines, with widespread global attacks like WannaCry, GoldenEye and NotPetya, proving that any business could be a potential target.
But as the news of attacks dies down and headlines become less frequent, are we right in thinking that the threat is also reduced?
To find out, we launched our third State of the Channel Ransomware Report, asking more than 2,400 managed service providers (MSPs) supporting the IT needs of nearly half a million SMBs in Asia-Pacific and across the globe, what they are seeing on the ground.
What we found was quite staggering:
1. The frequency of attacks is increasing
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing, with more than 55% of MSPs stating that their clients experienced a ransomware attack in the first six months of 2018, and 35% reporting that their clients were attacked multiple times on the same day.
In fact, 92% of MSPs predict the number of attacks will continue at current or increased rates. In Asia-Pacific, businesses were most susceptible to ransomware attacks via Android and Software-as-a-Service applications than anywhere else in the world.
2. Complacency among SMBs may be putting them at risk
Despite these findings, the study also revealed that there may still be complacency among the businesses in APAC, with less than 1 in 4 businesses failing to report attacks, and most attacks occurring due to human error, including team members clicking on malicious links, websites, web ads or phishing scams.
3. Basic security is not enough
85% of MSPs reported that ransomware victims had antivirus software installed, 65% reported victims had email/spam filters installed, and 29% reported victims had pop-up blockers, which failed to block ransomware attacks. The study also revealed a fivefold increase in the number of MSPs reporting ransomware attacks on macOS and iOS platforms over the last year.
So what’re the key takeaways for MSPs?
Put simply, it’s clear that there is still a long way to go when it comes to educating SMBs on the threat that ransomware could pose for their businesses, but as an MSP it’s your job to do what it takes to keep your customers protected, which in turn provides you with an excellent opportunity to shine, proving that you have your customer’s interests at heart – and have the knowledge and expertise to keep their business safe at all costs.
To do this we recommend a 3 pronged approach:
1. Training is key
As the study indicates, most of the time the weakest link inside any organisation is the employees themselves. Providing basic training on what to look out for or common mistakes made through clicking malicious links could mean the difference between a secure network and an unsecure one. Your customer’s data is valuable, so having clearly defined protocols in place to mitigate risk is essential. Customising levels of access by necessity can also be a great way to reduce the risk of a breach. Being overly cautious is never a bad thing when it comes to ransomware.
Prevention is always better than remediation, so having a watertight security posture which covers each and every endpoint is going to be step one in keeping your client’s business protected. Of course, every business is different, so installing a security solution which provides maximum coverage, with minimum disruption to daily operations will be key. Aside from this, making sure that any software is regularly updated and patched against specific threats is essential, while choosing a solution which provides full visibility over the network in real-time could help you to act fast if the worst happens.
3. The Road to Recovery could save the day
While proper cybersecurity protection is essential, it’s safe to assume that hackers will always find a way. This means that recovery is just as important as prevention, so providing your customers with a recovery roadmap, could be a make or break. In fact, as our study shows, when it comes to ransomware, business downtime is often up to 10 times costlier to businesses than the ransom itself, with attacks costing businesses an average of $46,800, with ransom requested averaging $4,300 per attack.
It makes sense then that having a Business Continuity and Disaster Recovery (BCDR) solution that can restore access to servers and data with the least amount of recovery time objective (RTO) will be your customer’s lifeline if the worst happens. In fact, our study also revealed that 90% of MSPs reported that clients with BCDR in place were able to fully recover from an attack within 24 hours. Not only does this approach offer peace of mind, but it could also offer serious cost savings by limiting business critical downtime.
To conclude, ransomware continues to be a thorn in the side of SMBs, however by providing your clients with the right information and solutions, you can substantially reduce the risk of their business being affected by attacks. Not only this, but such a value-add could notably enrich your relationship with your clients, who can rest safe in the knowledge that their business and its assets are in safe hands.