Demands On Msps To Protect Against Ransomware Are Increasing
In its Ransomware Uncovered report, cyber intelligence specialist Group-IB reported that the number of ransomware attacks increased by 150 percent in 2020. These attacks caused an average of 18 days of downtime for affected organizations — mostly large corporations — while the average ransom almost doubled. As part of its 2021 Ransomware Victims Report, Cloudian also found that paying the ransom is only part of the significant financial burden of a ransomware attack.
Those affected put the additional costs just for restoring the data caused by a spell at around 155,000 euros on average. Expenses incurred due to delivery delays, service failures, or other business critical processes are not even included here – not to mention possible image and further long-term damage. At the same time, only about 60 percent of ransomware payments and additional expenses were covered by cyber insurance.
Table of Contents
The Blackmail Business Is (Still) Successful
This development is due, among other things, to the effects of the Covid-19 pandemic. The significant business disruption coupled with the shift to remote work over the past 12 months has created a perfect storm of factors for hackers to exploit. And they have seized the opportunity to launch more extensive and sophisticated attacks. With all of this in mind, one must face the following: ransomware will remain one of the top global security threats in 2021 and beyond. The “business” is too lucrative for cybercriminals and has grown into a multi-billion dollar market. This puts large companies and managed service providers (MSPs) under pressure. They must respond to the growing threat by investing in partnerships and working with experienced security solution providers to provide their customers with the protection they need.
Traditional Measures Offer Insufficient Protection
Recently, we have seen public and private organizations become the target of attackers who undoubtedly had security measures. Nevertheless, in the end, corporations like Colonial Pipelines or Brenntag had to pay around 4.4 million dollars in ransom. Medium-sized companies, such as the copper manufacturer KME, and authorities, such as the Anhalt-Bitterfeld district, are also affected. Examples like these again show how difficult it is to prevent ransomware attacks. A significant challenge for organizations is that standard prevention measures – such as phishing training and anti-malware software – have proven ineffective or unreliable.
This is also confirmed by the Cloudian report, in which 54 percent of the victims surveyed had already taken anti-phishing training at the time of the attack, and 49 percent had installed perimeter protection. This demonstrates how ransomware easily bypasses many networks and user security measures that organizations have traditionally relied on. Hackers often use social engineering and phishing techniques to trick authorized users into revealing their credentials. This allows attackers to access the systems in the network and usually takes control in just a few hours. Although training can help reduce the potential for harm, human nature makes it impossible to guarantee safety.
Always One Step Behind
To protect against the growing threat of ransomware, more and more companies are turning to the expertise of MSPs. These usually provide the usual IT security measures, such as firewalls and antivirus tools, but these are no longer sufficient. Solutions designed to prevent ransomware or reactively contain attacks are quickly becoming obsolete today. The different types of malware and their detection signatures are constantly evolving, with MSPs and enterprises struggling to keep up. Another standard measure often used is data encryption – but even that doesn’t go far enough. At the same time, it can be very effective when cyber criminals want to access and share data. But in the case of ransomware, data can be re-encrypted to deny rightful owners access.
PaaS – Soon A Necessity?
There is more to security than these technical measures. It’s clear that MSPs and their customers are already in the crosshairs of cybercriminals and need a better solution. This is where Ransomware Protection-as-a-Service (PaaS) comes into play. In addition to tools designed to protect against attacks, organizations today need solutions that protect data backups, allowing for rapid recovery in the event of an attack. MSPs can meet this need through PaaS solutions using S3 Object Lock. Object Lock locks data on a storage device from access so that it cannot be changed or deleted within a certain period.
The function allows users to make backup copies of data immutable and thus protect against encryption or deletion by attackers. Data immutability ensures the availability of a clean copy of data for fast and reliable recovery in the event of a ransomware attack. The additional advantage of object lock is that it is used in object storage environments. These offer high cost and scalability advantages compared to other data protection destinations without the long recovery times often associated with the public cloud. Similarly, when leveraging PaaS over object storage, MSP customers benefit from fast and cost-effective data availability, enabling them to manage the potentially devastating effects of a ransomware attack.
Comprehensive Property Protection Is A Must
And while it may seem like cybercriminals have the upper hand, there are clear steps MSPs, and their clients can take to regain control of their data. The key is to go beyond traditional ransomware protection and build the immutability of business-critical data into security infrastructures. With PaaS solutions and their object lock capabilities, modern businesses can ensure continuity, productivity, and data security—even during a potentially crippling ransomware attack.