Story image

What MSPs can learn from Datto’s Channel Ransomware Report

14 Nov 18

Article by Datto Asia director Nop Srinara.

Ransomware is an issue which has gained a lot of attention over the past few years, dominating headlines, with widespread global attacks like WannaCry, GoldenEye and NotPetya, proving that any business could be a potential target.

But as the news of attacks dies down and headlines become less frequent, are we right in thinking that the threat is also reduced?

To find out, we launched our third State of the Channel Ransomware Report, asking more than 2,400 managed service providers (MSPs) supporting the IT needs of nearly half a million SMBs in Asia-Pacific and across the globe, what they are seeing on the ground.

What we found was quite staggering:

1.    The frequency of attacks is increasing

While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing, with more than 55% of MSPs stating that their clients experienced a ransomware attack in the first six months of 2018, and 35% reporting that their clients were attacked multiple times on the same day.

In fact, 92% of MSPs predict the number of attacks will continue at current or increased rates. In Asia-Pacific, businesses were most susceptible to ransomware attacks via Android and Software-as-a-Service applications than anywhere else in the world.

2.    Complacency among SMBs may be putting them at risk

Despite these findings, the study also revealed that there may still be complacency among the businesses in APAC, with less than 1 in 4 businesses failing to report attacks, and most attacks occurring due to human error, including team members clicking on malicious links, websites, web ads or phishing scams.

3.    Basic security is not enough

85% of MSPs reported that ransomware victims had antivirus software installed, 65% reported victims had email/spam filters installed, and 29% reported victims had pop-up blockers, which failed to block ransomware attacks. The study also revealed a fivefold increase in the number of MSPs reporting ransomware attacks on macOS and iOS platforms over the last year.

So what’re the key takeaways for MSPs?

Put simply, it’s clear that there is still a long way to go when it comes to educating SMBs on the threat that ransomware could pose for their businesses, but as an MSP it’s your job to do what it takes to keep your customers protected, which in turn provides you with an excellent opportunity to shine, proving that you have your customer’s interests at heart – and have the knowledge and expertise to keep their business safe at all costs.

To do this we recommend a 3 pronged approach:

1.    Training is key

As the study indicates, most of the time the weakest link inside any organisation is the employees themselves. Providing basic training on what to look out for or common mistakes made through clicking malicious links could mean the difference between a secure network and an unsecure one. Your customer’s data is valuable, so having clearly defined protocols in place to mitigate risk is essential. Customising levels of access by necessity can also be a great way to reduce the risk of a breach. Being overly cautious is never a bad thing when it comes to ransomware.

2.    Prevention

Prevention is always better than remediation, so having a watertight security posture which covers each and every endpoint is going to be step one in keeping your client’s business protected. Of course, every business is different, so installing a security solution which provides maximum coverage, with minimum disruption to daily operations will be key. Aside from this, making sure that any software is regularly updated and patched against specific threats is essential, while choosing a solution which provides full visibility over the network in real-time could help you to act fast if the worst happens.

3.    The Road to Recovery could save the day

While proper cybersecurity protection is essential, it’s safe to assume that hackers will always find a way. This means that recovery is just as important as prevention, so providing your customers with a recovery roadmap, could be a make or break. In fact, as our study shows, when it comes to ransomware, business downtime is often up to 10 times costlier to businesses than the ransom itself, with attacks costing businesses an average of $46,800, with ransom requested averaging $4,300 per attack.

It makes sense then that having a Business Continuity and Disaster Recovery (BCDR) solution that can restore access to servers and data with the least amount of recovery time objective (RTO) will be your customer’s lifeline if the worst happens. In fact, our study also revealed that 90% of MSPs reported that clients with BCDR in place were able to fully recover from an attack within 24 hours. Not only does this approach offer peace of mind, but it could also offer serious cost savings by limiting business critical downtime.

To conclude, ransomware continues to be a thorn in the side of SMBs, however by providing your clients with the right information and solutions, you can substantially reduce the risk of their business being affected by attacks. Not only this, but such a value-add could notably enrich your relationship with your clients, who can rest safe in the knowledge that their business and its assets are in safe hands.

White box losing out to brands in 100 GE switching market
H3C, Cisco and Huawei have all gained share in the growing competition in the data centre switching market.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Genesys PureCloud generates triple-digit revenue growth year on year
In Australia and New Zealand, the company boosted PureCloud revenue by nearly 100%.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Kidd made Ingram Micro executive for cloud
Barbara Kidd has been promoted to cloud general manager as the company signs new vendors to its Cloud Marketplace.
Open source will be the next big thing for the channel
Channel firms should be on the lookout for opportunities across open source and more diverse software offerings like software-defined containers and storage.