MSPs remain ransomware targets

The need to improve security has been a key factor behind the recent wave of consolidation in the managed service provider (MSP) channel, and providers are continuing to take steps to protect themselves and their customers.

Among the findings of the 2022 MSP threat report from ConnectWise was a mention of the rise of the “super MSP”, created through mergers and acquisitions and often backed by private equity, with the need to bolster security positions one of the motivations for those tie-ups.

One of the expectations for the rest of the year is that super MSPs will continue to be driven by the need to establish strong security positions.

MSPs continue to be the focus of ransomware attacks, with criminals viewing them as a lucrative target because a successful attack can hit multiple victims, with this a major feature of 2021 and predicted to be so again this year.

The ConnectWise Cyber Research Unit, which looks for new vulnerabilities in the MSP industry, pulled together data from around 500 incidents reported by partners, with 40% related to ransomware. That threat was found to be rising by 10-15% per quarter, with 56% of all incidents occurring in the second half of last year. 

As a result of increasing threats, the report forecast increased security spending by small to medium-sized enterprises (SME) in 2022. Money is likely to be spent in a number of areas, including cyber detection, response and automation.

ConnectWise is also predicting that those responsible for ransomware will continue to shift their focus to mid-tier organisations that could potentially pay out sizeable ransoms. The thought process is that these targets will attract less public attention and help the criminals stay ahead of law enforcement, which succeeded in shutting down some groups in 2021.

“This report, put out by our Cybersecurity Research Unit, serves as a powerful tool to help MSPs understand and identify vulnerabilities and guide them to make security investments that will rapidly detect and resolve potential threats to protect their businesses and their clients,” said Raffael Marty, general manager, cyber security, at ConnectWise.

The report comes against a background of raised awareness from MSPs around the need for greater security. That has been driven by personal experience and by the prospect of government regulations that will require a greater need to demonstrate that data protection steps have been taken.

Last autumn, Datto CEO Tim Weller shared a widespread view that MSPs need to accept that they are all in the security business and need to take the issue seriously.

“I think this industry has to look out five years and ask where we are going to be, and candidly, without any shock value, I think without good security you might be out of business,” he warned.

“We’ve been at the security thing for a long time, and I think the realisation comes to you: how do we talk publicly about what we do, and what the industry needs to do, without any hubris at all? We want to bring other suppliers and MSPs along,” he added.