How MSPs can best deal with the ransomware crisis

How MSPs can best deal with the ransomware crisis

The ransomware attack on Kaseya, which launched over the July 4th weekend, hit managed service providers (MSPs) like a shock. In the biggest ransomware attack of all time, hackers exploited a vulnerability in Kaseya’s remote monitoring software. The attack hit around 60 MSPs and thousands of customers in the aftermath.

Following the attack, White House Assistant National Security Advisor Anne Neuberger issued a statement saying that President Joe Biden “directed all government resources to investigate this incident.”

The Biden administration has been stepping up its efforts for months as ransomware attacks have grown in strength and scope. A May 12 executive order from President Biden entitled “Improving the Nation’s Cybersecurity” states: “The United States is facing persistent and increasingly sophisticated malicious cyber campaigns affecting the public sector, the private sector and ultimately the Threaten the security and privacy of the American people. Just as our houses have locks and alarm systems and our office buildings have guards and security measures to counter the threat of theft, we urge you to take ransomware crime seriously and ensure that your corporate cyber defenses correspond to the threat. “

MSPs need to get better

As the Kaseya attack demonstrated, MSPs are hackers’ crosshairs and need to do more to protect themselves and their customers. This is not only a necessity to protect their operations, but also to ensure their survivability in the marketplace. Because when potential customers choose an MSP these days and think about what they need, a high level of cybersecurity is at the top of their list.

Companies of all sizes and in every industry know that no company is safe from ransomware. That’s because every company has data that is valuable to the company – which in turn makes the data valuable to hackers. Cyber ​​attackers target this data because they know that desperate business owners are willing to pay to have the data returned. And they often start with the MSP.

MSPs are an attractive target for hackers because they operate IT systems and networks for many different customers. With a single attack, the hackers can take the critical data of not just one company, but many companies hostage – and then offer this data as a ransom at a very high price. The hackers are also realizing that MSPs are feeling the pressure to pay quickly. Because if an MSP becomes a victim of ransomware, its customers could not only lose access to their data, but also their trust in the MSP.

MSPs who effectively and proactively block ransomware attacks have a significant competitive advantage. Not only do they secure their operations, but they can grow their business by helping customers ward off attacks. MSPs can play an important role in training their customers to better understand the current threat landscape and to equip them with the tools they need to secure their critical data.

Nobody is immune when it comes to ransomware. Ransomware attacks will inevitably take place and data will be compromised. But MSPs who prioritize proactive cybersecurity, data protection, immutable storage, and orchestrated recovery will be richly rewarded. That means MSPs should look for technology partners who offer complete solutions and offer them the best opportunities. MSPs should also look out for vendors who are 100% committed to protecting their customers and who won’t run away and hide when an incident occurs.

Get started with these six best practices

As listed in the President’s new Cybersecurity Executive Order, the US government has selected six extremely powerful steps to help businesses focus and make rapid progress in reducing the risk of ransomware. The recommended best practices are:

  • Make sure that your backups are tested regularly and that they are not connected to the corporate network.
  • Update and patch systems in a timely manner and keep operating systems, applications and firmware secure.
  • Regularly test your incident response plan.
  • Test the security of your systems and your ability to block a sophisticated attack with a third-party pen tester.
  • Carefully filter and limit Internet access to corporate networks.
  • Introduce multi-factor authentication and encryption for data at rest and in transit.

Organizations will increasingly be on the lookout for MSPs who can help them implement these best practices.

If you’re an MSP, you can demonstrate your commitment to security by offering your customers penetration tests that assess their current defenses and measure their vulnerability to attack. Organizations will appreciate this because most don’t do security testing and know – or should know – that they are vulnerable to ransomware. As part of your penetration tests, you can send your customers dubious looking emails and see if their employees open them or click on the links embedded in the email.

You can also help your customers implement better data backup and recovery systems. If you help them set up an effective backup system, they’ll be prepared to respond to attacks and quickly repair any damage. You should recommend a solution that provides immutable object storage on premise or in the cloud. Such a solution takes an immutable snapshot of the data every 90 seconds. It creates a continuous series of recovery points to ensure that the customer’s data is safe even if a ransomware attack is successful.

The unfortunate reality is that ransomware will remain a threat for a long time to come. In fact, the problem can be expected to grow and threaten businesses of all sizes. As an MSP, you can make a valuable contribution to helping your customers defend themselves against attacks and to secure their data – and their future.

Leave a Reply

Your email address will not be published.