zephyr_p - stock.adobe.com

MSPs taking steps to protect themselves from ransomware

Datto reveals that managed service partners are aware they are in the firing line and have formed partnerships with MSSPs to protect themselves

Ransomware remains a serious threat to SME customers and is spurring security spending and actions by MSPs to protect themselves and their customers.

Datto’s latest annual Global state of the channel ransomware report has revealed the increasing pressure that SME customers and their MSP suppliers are under with cyber criminals continuing to target businesses.

The report found that 60% of MSPs reported that their SME customers had been hit with a ransomware attack as of Q3 2020, and the costs of downtime were significantly higher now than they were the previous two years.

As well as protecting customers, MSPs are starting to take more steps to protect themselves, with the Datto report finding that 95% of managed service providers saw themselves as a target. That has led many to form partnerships with MSSPs to protect themselves and their customers. The report highlighted business continuity and disaster recovery as the main way to combat ransomware.

The natural consequence of the rise in threats has been an increase in spending, with Datto finding that 50% of MSPs had seen their customers increase budget this year for security.

“The Covid-19 pandemic has accelerated the need for stronger security measures as remote working and cloud applications increase in prevalence,” said Ryan Weeks, chief information security officer at Datto. “Reducing the risk of cyberattacks requires a multi-layered approach rather than a single product – awareness, education, expertise, and purpose-built solutions all play a key role.

“The survey highlights how MSPs are taking the extra step to partner with MSSPs that can offer more security-focused experience, along with a more widespread use of security measures like SSO and 2FA – these are critical strategies businesses and municipalities need to adopt to protect themselves from cyber threats now and in the future,” he said.

How the attacks are coming

The survey revealed the top three ways ransomware is attacking entities:

  • Phishing emails: 54% of MSPs report these as the most successful ransomware attack vector.
  • Software-as-a-service applications: Nearly one in four MSPs reported ransomware attacks on clients’ SaaS applications, with Microsoft being hit the hardest at 64%.
  • Windows endpoint systems applications: These are the most targeted by hackers, with 91% of ransomware attacks targeting Windows PCs this year.

The pandemic has also been a factor with increased threats (see box) targeting vulnerable home workers away from the security of the corporate network and IT teams.

Barry O’Donnell, operations director at TSG, said it kept a constant eye on the threats that were being faced by customers and it had seen an impact from the pandemic.

“When a client encounters an attack, we rely on technology and creative IT solutions to lessen the aftermath of breaches,” he said. “Partly resulting from the pandemic and the need to shift workloads to the cloud, we’ve seen an increase in the number of ransomware attacks and requested ransom.

“The growing sophistication and frequency of these attacks has resulted in additional counter measures such as IT security assistance from MSSPs, as well as a growing number of clients that are increasing their IT security budgets.”

Read more on Managed IT Services