Story image

State of the channel: A/NZ MSPs still grappling with ransomware

04 Mar 2019

Managed service providers across Australia and New Zealand are grappling with cybersecurity issues, ranging from SaaS infections to SMBs that don’t report ransomware attacks to the appropriate authorities.

Datto’s third annual A/NZ State of the Channel Ransomware report reveals just how severe the security problems are for more than 200 A/NZ managed service providers (MSPs).

Of those 200 MSPs, 38% reported infected SaaS applications, of which Microsoft Office 365 took the top spot as the most popular target. A/NZ also has the highest SaaS infection rate in the world, as the global average is much lower at 28%.

MSPs are also fending off unprecedented numbers of ransomware attacks against their client base.  In the first half of 2018, 42% of MSPs report clients suffered multiple attacks in a single day (up 7%, year-over-year).

According to the statistics, 60% of A/NZ MSPs reported attacks against SMBs, compared to a global average of 55%.

As a result of ransomware and other cyber attacks, 60% of MSPs reported that SMBs experienced business-threatening downtime. 

What’s more, the cost of downtime was almost ten times greater than the ransom that attackers demanded. The average downtime cost is approximately AU$57,577.20, compared to an average ransom of AU$6045.36.

However, MSPs are quick off the mark to help SMBs recover from an attack. The statistics show that 84% of SMBs report SMB recovery from an attack in 24 hours of less when there is a business continuity and disaster recovery solution in place.

According to the report SMBs aren’t reporting many attacks – fewer than one in five ransomware attacks are reported to the authorities. However, regulations such as Australia’s Notifiable Data Breaches scheme have raised awareness of attacks.

MSPs say that the leading cause of ransomware attacks is the lack of cybersecurity awareness of issues such as phishing emails, malicious websites, web ads, and clickbait.

Despite MSPs reporting that most ransom victims had email and spam filters, antivirus, and popup blockers, Datto says that no single solution can prevent ransomware attacks. Instead, a multi-layered portfolio is the best option.

The report makes four recommendations:

1. Businesses must prepare the front line of defence: your employees

SMBs must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid a potential phishing scam in their inbox, a leading entrance point for ransomware.

2. Businesses must leverage multiple solutions

Today’s standard security solutions are no match for today’s ransomware, which can penetrate organisations in multiple ways. Reducing the risk of infections requires a multilayered approach rather than a single product

3. Businesses need to focus on business continuity

There is no sure fire way of preventing ransomware. Instead, SMBs should focus on how to maintain operations despite a ransomware attack. One way to do this is a solid, fast and reliable business continuity and disaster recovery solution.

4. Businesses need a dedicated cybersecurity professional

SMBs often rely on a “computer savvy” staff member to handle their IT support and not an IT expert. If a company cannot afford a complete IT staff for 24/7 cybersecurity monitoring, they should be leveraging an MSP that has the time and resources to anticipate and protect a company from the latest cybersecurity threats.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.