Big IT firms face more than 1,000 attempted cyberattacks a day. And while ransomware attacks have declined since 2018, cybersecurity experts warn that we’re seeing a rise in reported targeted ransomware attacks – especially attacks on Managed Service Providers. MSPs are particularly vulnerable to ransomware attacks and attractive to hackers because they can gain access to the networks of the MSP’s many customers. No one is too big to fail, and MSPs are under increasing pressure to improve their security to protect their customers.
What Do Managed Service Providers Provide?
Managed Service Providers (MSPs) function as a customized IT department for your company. If you don’t have the staff or skillset to manage something in your IT infrastructure, they can remotely manage it and even provide support for your end-user systems. They can also provide repair services and procure equipment for you – everything from printers to laptops.
In more complex engagements, an MSP might provide network reporting and analysis. At the enterprise level, they often do network maintenance and offer help desk services assisting employees with anything on the network. They’re sometimes brought on board to consult on new construction projects or when building brand new networks.
Ransomware Attacks & MSPs
Ransomware (or malware) is malicious software used to hold files, devices or entire networks hostage until a ransom is paid. Typically the nefarious parties are looking to get paid in untraceable cryptocurrencies, such as Bitcoin. Even if you pay the ransom, there’s no guarantee that your data hasn’t been destroyed or that you’ll ever get it back.
Ransomware is typically introduced into your network through phishing emails that contain corrupted attachments and links. When unsuspecting employees open the emails or click on the links, chaos ensues.
Unfortunately, even IT pros and MSPs can be victimized by hackers. Nation-states such as China have vast resources to do considerable damage to networks globally. Last year it was reported that China hacked eight of the world’s leading IT services firms to steal customer data.
MSPs are particularly appealing to hackers because they’re getting more bang for their buck. Instead of just taking down a single municipality or business organization, they can take down the MSPs themselves – and in turn, get the keys to the cyber- kingdom for all of their clients.
Once an MSP has been breached and their customers’ information has been stolen, it’s bad business and lost revenue for those clients. It makes news, and it destroys reputations.
This is incredibly frustrating and scary for enterprises who believed that their MSP was a ‘silver bullet’ against data breaches.
What Can MSPs Do to Protect Themselves and Their Clients?
Ask your MSP if they can show you how they’re going to protect your data and if they do any of the following:
1) Third-Party Security Audits
Your MSP should undergo a third-party security audit to ensure that they’re using best practices. Depending on which part of the business world you’re in, your needs and requisites could be varied. An audit could plug a lot of security holes, large and small.
2) Thorough Data Backups
Backups will save you if there’s ever a breach and data are destroyed. Redundant and off-site backups are even better. In the event of a ransomware attack, you will at least know you won’t lose valuable data. If this data is customer property, especially if it’s financial, work with an MSP that understands the intensely complicated world of PCI compliance.
3) Latest Patches and Antivirus Software
This should be easy for your MSP. Doing regular scans and using patches for the latest vulnerabilities is security 101. Keep your operating system, proprietary software used by all employees, and firmware, fully upgraded.
4) Cybersecurity Awareness Training
People are the X-factor in any security scenario. Your MSP can help you educate your staff to be vigilant about phishing scams and teach them best practices for cybersecurity at the end-user level. No matter how well-armed you are on the security front, it only takes one small mistake from one employee who might not be aware of the dangers that can be posed in emails, or online.
Act Fast, Quarantine and Stay Informed After A Ransomeware Attack
In the event of a breach, it’s important to act quickly and quarantine the infected section of your network. It’s a good idea to work with your MSP to develop an incident response plan if there is a breach.
Finally, ask your MSP if they’re getting security alerts from the National Cyber Awareness System provided by the U.S. Department of Homeland Security or sign up for yourself. This will help you stay informed of the latest threats and vulnerabilities.
If you need help designing and deploying a safe and stable enterprise WLAN adhering to the latest security best practices, we can help.