Ransomware hones in on MSPs for bigger payout, report finds
Top MSP trends and insights have been revealed in the 2022 ConnectWise MSP Threat Report - the MSP industry guide focused on cybersecurity.
In its third year, the report includes analysis of major MSP-related security events and trends from 2021 and top predictions for 2022, including a continued rise in MSP-focused ransomware attacks and increased cooperation among governments to combat cyber crime.
In addition to predictions of increasing ransomware attacks and more cybersecurity legislation, the following are key findings from the 2022 ConnectWise MSP Threat Report:
The market will see an evolution of a ‘super-MSP'. In other words, MSPs that have joined together, through mergers and acquisitions, as a result of private equity with deep financial pockets that have entered the channel.
Cybersecurity has always been a focus for MSPs, but it will be more critical than ever moving forward, the report finds.
The SMB market is predicted to spend more in 2022 with a need to make significant investments in cyber detection, response and automation.
As a result of growing success by law enforcement to track and shut down malicious actors in 2021, multiple threat actor groups changed their tactics to stay under the radar.
ConnectWise predicts that ransomware operators will continue to shift focus on mid-tier organisations that are capable of decent sized payout, but will not get as much public attention when compromised.
The ConnectWise Cyber Research Unit (CRU) - a dedicated team of threat hunters and researchers that identifies new vulnerabilities in the MSP industry - collected data regarding 500 cybersecurity incidents from MSP partners and their clients.
Of those 500 incidents, 40% were related to ransomware. The report also revealed that there was a 10-15% increase in ransomware incidents by quarter, with 56% of all incidents occurring in the second half of 2021.
The 2021 report released by Perch Security, which was acquired by ConnectWise in 2020, accurately predicted that ransomware attacks would continue to become even more MSP-focused.
MSPs are a far more lucrative target than individual businesses due to the potential to ransom multiple companies at once, therefore ConnectWise predicts that this will be an ongoing issue for 2022.
In addition, the 2022 report provides a detailed timeline of major security incidents that occurred over the past year. Observations made from that timeline show that MSPs are increasingly being targeted and identifies the top five ransomware groups that the CRU observed targeting MSPs and their clients.
ConnectWise general manager cybersecurity Raffael Marty says, “With the current political climate and skyrocketing reports of global security incidents, Congress is facing pressure to do more to crack down on cybercriminal activity. However, that won't happen overnight.
"This report, put out by our Cybersecurity Research Unit, serves as a powerful tool to help MSPs understand and identify vulnerabilities and guide them to make security investments that will rapidly detect and resolve potential threats to protect their businesses and their clients.”