MSPs Need to Get Ahead of Ransomware Attacks

By Laura Stotler

A ransomware attack can be absolutely devastating for any business, and MSPs are increasingly becoming targets. Responding to attacks can be time consuming and expensive, and yet MSPs are left with little choice once they’ve been targeted by cybercriminals. Getting ahead of ransomware attacks with proper planning and protection is the best way for MSPs to combat criminals and protect their customers’ data.

According to the Sophos 2020 Threat Report, cybercriminals are increasingly using MSPs’ remote monitoring and management (RMM) solutions against them. They do this by exploiting vulnerabilities in some of the most popular RMM solutions. Once a solution is breached, attackers typically have access to a large cache of data and can easily hold it hostage, while also distributing ransomware onto additional networks remotely.

The threat to MSPs has become so serious that the Homeland Security Department recently issued a warning about an ongoing campaign of attacks linked to the Chinese government. The Department has seen a strategic shift recently in the tactics of the APT10 threat group, sponsored by China’s Ministry of State Security, and MSPs have become a prime target.

One of the most important steps MSPs can take to combat attacks is to enable multi-factor authentication on their RMM and central management tools while also protecting all endpoints. Employees should also be educated about ransomware as well as phishing techniques that are commonly used in ransomware attacks.

According to Sophos, some of the key security practices MSPs can employ include applying software patches early and often, as well as using strong passwords that are changed regularly. Backing up data regularly as well as keeping backup files off-line and off-site are also important practices, along with being cautious about opening unsolicited email attachments.

Employees should also be advised not to enable macros from attachments received via email. JavaScript files should be opened in Notepad initially so that contents may be scanned for malicious code before launching. MSPs should also implement tamper protection measures, or lower user privileges, to prevent employees from accidentally uninstalling security services.

Ransomware attacks pose a major threat to MSPs, in the form of a giant price tag to either pay the ransom or try to recover data. Productivity losses after an attack can be devastating, not to mention the loss of customer data and goodwill that goes along with an attack. By being proactive about security measures and routine precautions and procedures, MSPs can get ahead of attackers and ensure their networks and customer data are properly protected.

To provide additional information about cyberattacks and security measures for MSPs, TMC is hosting its MSP Expo in Fort Lauderdale, FL from February 12-14. The event will offer information about technology, hacking threats and security measures MSPs can take to protect themselves and their customers.

Edited by Maurice Nagle

MSPToday Contributing Editor

Related Articles

New MSP Ascend Technologies Launches in the Midwest

By: Stefania Viscusi    4/2/2020

Managed service providers (MSPs) play an important role today as cloud technology and remote work are leading so many functions. In the mid-west regio…

Read More

netsapiens Releases Update to Unified Communications Platform to Enable Teleworking in a Snap

By: Erik Linask    4/2/2020

netsapiens has release the latest update to its SNAPsolutions UC&C platform to further enable MSPs and resellers to help businesses adopt remote worki…

Read More

Stellar Cyber Gets Additional Funding to Grow Its Security Business

By: Erik Linask    3/25/2020

AI-based security provider Stellar Cyber has extended its Series A funding with $7.1 million in new investment to grow its business and increase its p…

Read More

SkySwitch Adds Microsoft Teams Integration with TeamMate Technology Solution

By: Erik Linask    3/25/2020

SkySwitch MSP partners and resellers can now offer integrated cloud PBX and Microsoft Teams functionality using TeamMate Connector for maximum UC func…

Read More

Google and T-Systems Partner on Managed Services and Cloud Competence Center

By: Laura Stotler    3/11/2020

Google Cloud and Deutsche Telekom subsidiary T-Systems have teamed up to offer enterprise managed services. The companies are also working together to…

Read More