MSPs Need to Get Ahead of Ransomware Attacks

MSPs Need to Get Ahead of Ransomware Attacks

By Laura Stotler

A ransomware attack can be absolutely devastating for any business, and MSPs are increasingly becoming targets. Responding to attacks can be time consuming and expensive, and yet MSPs are left with little choice once they’ve been targeted by cybercriminals. Getting ahead of ransomware attacks with proper planning and protection is the best way for MSPs to combat criminals and protect their customers’ data.

According to the Sophos 2020 Threat Report, cybercriminals are increasingly using MSPs’ remote monitoring and management (RMM) solutions against them. They do this by exploiting vulnerabilities in some of the most popular RMM solutions. Once a solution is breached, attackers typically have access to a large cache of data and can easily hold it hostage, while also distributing ransomware onto additional networks remotely.

The threat to MSPs has become so serious that the Homeland Security Department recently issued a warning about an ongoing campaign of attacks linked to the Chinese government. The Department has seen a strategic shift recently in the tactics of the APT10 threat group, sponsored by China’s Ministry of State Security, and MSPs have become a prime target.

One of the most important steps MSPs can take to combat attacks is to enable multi-factor authentication on their RMM and central management tools while also protecting all endpoints. Employees should also be educated about ransomware as well as phishing techniques that are commonly used in ransomware attacks.

According to Sophos, some of the key security practices MSPs can employ include applying software patches early and often, as well as using strong passwords that are changed regularly. Backing up data regularly as well as keeping backup files off-line and off-site are also important practices, along with being cautious about opening unsolicited email attachments.

Employees should also be advised not to enable macros from attachments received via email. JavaScript files should be opened in Notepad initially so that contents may be scanned for malicious code before launching. MSPs should also implement tamper protection measures, or lower user privileges, to prevent employees from accidentally uninstalling security services.

Ransomware attacks pose a major threat to MSPs, in the form of a giant price tag to either pay the ransom or try to recover data. Productivity losses after an attack can be devastating, not to mention the loss of customer data and goodwill that goes along with an attack. By being proactive about security measures and routine precautions and procedures, MSPs can get ahead of attackers and ensure their networks and customer data are properly protected.

To provide additional information about cyberattacks and security measures for MSPs, TMC is hosting its MSP Expo in Fort Lauderdale, FL from February 12-14. The event will offer information about technology, hacking threats and security measures MSPs can take to protect themselves and their customers.

Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Contributing Editor

Related Articles

Expereo Chosen to Drive Global Connectivity for Carlsberg Group

By: Stefania Viscusi    12/7/2023

Brewery conglomerate Carlsberg Group has chosen intelligent internet company Expereo to help with its digital transformation.

Read More

CrowdStrike Brings AI-Driven Cybersecurity to Amazon Business

By: Stefania Viscusi    12/7/2023

CrowdStrike announced that it has officially launched its AI-powered cybersecurity solution, CrowdStrike Falcon Go, on Amazon Business.

Read More

Sotera SecurePhone, Powered by MetTel, Introduces Ultra-Secure Communication in Government and Enterprise Domains

By: Greg Tavarez    12/7/2023

The Sotera SecurePhone joins a growing, robust line-up of security offerings from MetTel that include a range of network and endpoint-based solutions.

Read More

CyberArk Introduces Enhanced Passkeys Authentication

By: Stefania Viscusi    12/6/2023

Identity security company CyberArk has announced a significant step in enhancing the passwordless authentication experience by introducing new passkey…

Read More

Telstra International's Global Managed Security Solutions Powered Up through Netskope Partnership

By: Greg Tavarez    12/6/2023

The expanded partnership between Telstra International and Netskope lets Telstra provide organizations worldwide with a comprehensive managed solution…

Read More