MSPs Need to Get Ahead of Ransomware Attacks

By Laura Stotler

A ransomware attack can be absolutely devastating for any business, and MSPs are increasingly becoming targets. Responding to attacks can be time consuming and expensive, and yet MSPs are left with little choice once they’ve been targeted by cybercriminals. Getting ahead of ransomware attacks with proper planning and protection is the best way for MSPs to combat criminals and protect their customers’ data.

According to the Sophos 2020 Threat Report, cybercriminals are increasingly using MSPs’ remote monitoring and management (RMM) solutions against them. They do this by exploiting vulnerabilities in some of the most popular RMM solutions. Once a solution is breached, attackers typically have access to a large cache of data and can easily hold it hostage, while also distributing ransomware onto additional networks remotely.

The threat to MSPs has become so serious that the Homeland Security Department recently issued a warning about an ongoing campaign of attacks linked to the Chinese government. The Department has seen a strategic shift recently in the tactics of the APT10 threat group, sponsored by China’s Ministry of State Security, and MSPs have become a prime target.

One of the most important steps MSPs can take to combat attacks is to enable multi-factor authentication on their RMM and central management tools while also protecting all endpoints. Employees should also be educated about ransomware as well as phishing techniques that are commonly used in ransomware attacks.

According to Sophos, some of the key security practices MSPs can employ include applying software patches early and often, as well as using strong passwords that are changed regularly. Backing up data regularly as well as keeping backup files off-line and off-site are also important practices, along with being cautious about opening unsolicited email attachments.

Employees should also be advised not to enable macros from attachments received via email. JavaScript files should be opened in Notepad initially so that contents may be scanned for malicious code before launching. MSPs should also implement tamper protection measures, or lower user privileges, to prevent employees from accidentally uninstalling security services.

Ransomware attacks pose a major threat to MSPs, in the form of a giant price tag to either pay the ransom or try to recover data. Productivity losses after an attack can be devastating, not to mention the loss of customer data and goodwill that goes along with an attack. By being proactive about security measures and routine precautions and procedures, MSPs can get ahead of attackers and ensure their networks and customer data are properly protected.

To provide additional information about cyberattacks and security measures for MSPs, TMC is hosting its MSP Expo in Fort Lauderdale, FL from February 12-14. The event will offer information about technology, hacking threats and security measures MSPs can take to protect themselves and their customers.

Edited by Maurice Nagle

MSPToday Contributing Editor

Related Articles

MSP Dataprise Announces Majority Investment from Trinity Hunt Partners

By: Tracey E. Schelmetic    1/9/2020

IT managed services providers (MSPs) are a growing industry, and the good news is that investors are keen on these companies. Dataprise, an IT managed…

Read More

Managing Contingent and Blended IT Labor

By: Erik Linask    1/6/2020

The key to making contingent labor management easy for MSPs is finding the right platform, with the right tools and features to make the process effic…

Read More

India's Sify Technologies Recognized as "Major Player" in MCS by IDC

By: Tracey E. Schelmetic    1/3/2020

Chennai, India-based Sify Technologies Limited provides end-to-end ICT solutions, including telecom services, data center services, cloud and managed …

Read More

Synoptek Becomes Latest MSP Victim of Ransomware Attack

By: Laura Stotler    1/2/2020

California MSP Synoptek was the latest service provider to be hit by a ransomware attack before the holidays. The company was targeted by the Sodinoki…

Read More

VoIP Supply has Signed on as a Platinum Sponsor for MSP Expo & ITEXPO 2020, the #TechSuperShow

By: TMCnet News    12/23/2019

TMC announced VoIP Supply has signed on a platinum sponsor for ITEXPO and MSP Expo, both of which are held February 12 -14, 2020 at the Greater Ft. La…

Read More