Ransomware has been around for decades. So you might be tempted to feel complacent about it; after all, if ransomware has existed for so many years, the tools and strategies required to address it must be well developed by now, right?
Well, not exactly. Although the first ransomware attacks occurred many years ago, the threat posed by modern ransomware is much more intense. Ransomware has become more pervasive than ever, with ransomware attacks causing many millions of dollars’ worth of damage each year to organizations across a range of industries. At the same time, the number of ways in which ransomware attacks are executed is greater than ever, making it harder to prevent attacks.
For all of these reasons, it’s critical for MSPs to protect all of the data and devices they work with -- both their own and their customers’ -- from ransomware. Having a ransomware defense plan in place is the only way to keep data and devices safe, while also protecting your business’s reputation.
This article offers an overview of ransomware protection strategies, and tips on using backups to keep your own business, as well as your clients’ businesses, safe from ransomware.
Ransomware attack scenarios
A first basic step in ransomware protection is to understand all of the attack strategies that can be used to install ransomware. Here are four of the most common attack vectors:
- Phishing: In a phishing attack, attackers convince users to click a malicious link or install a malicious package that contains ransomware by sending them an email, SMS or other message.
- RDP: The RDP protocol (and similar remote-access protocols, like SSH and VNC) can be used by attackers to gain access to systems and install ransomware on them.
- Application exploits: Flaws within applications make it possible for attackers to gain unauthorized access and install malware.
- Physical intrusion: It’s easy to overlook the risk of unsecured physical access, but it’s a serious one. Without strong physical security, an attacker can simply walk into an office or data center and install ransomware.
There are various steps you can take to respond to these threats, such as monitoring messages for signs of phishing, keeping applications up-to-date and -- most importantly -- making sure you keep multiple backup copies of data, so that you can use it to restore systems in the event of a ransomware attack.
How to protect your customers’ data
Complicating the threat posed by ransomware for MSPs is the fact that many of your clients may not take ransomware seriously. They mistakenly believe that their business is not important enough to attract a ransomware attack, that they don’t have any sensitive data or that the basic security measures they already have in place are enough to keep them safe.
Defending your clients from ransomware requires, in part, dispelling these notions, so that your customers understand just how important it is to take extra steps against ransomware. There are several ways to go about this:
- Consultations: Devote time to consulting with your clients specifically on the topic of ransomware. This is not usually a discussion that you’d otherwise have in the context of providing managed services, so providing a consultation is an opportunity for you to explain to them the risks that ransomware poses to their particular business, and how you can help protect against them.
- Create educational content: Consider creating materials about ransomware that you can distribute by email or publish on a relevant blog to help educate your clients. Here are some free templates that you can use to get started.
- Emphasize constant updates: You want your clients to understand that they can never be up-to-date enough. All systems, whether you or they maintain them, should be updated continuously.
- Offer clear ransomware solutions: Getting your clients to take ransomware seriously isn’t just about scaring them. You must also offer clear solutions to help them address the threat, whether they are managed services offered by you, or software tools the clients can install on their own.
Ransomware may be decades old, but it’s a more serious cybersecurity threat than ever. Keeping your own and your customers’ businesses safe from ransomware requires understanding all the ways in which ransomware attacks can occur, as well as educating your customers about ransomware dangers and ways they can respond.