/ TitanHQ Blog
/ Tips for MSPs Responsible for Protecting Customers from Ransomware and Phishing
Posted by Trevagh Stankard on Thu, Dec 30th, 2021
In 2020, 43% of cyber-attacks targeted small businesses. Although small businesses often consider themselves uninteresting to attackers, they are primary targets. There are a few reasons for being targets: small businesses don’t have the budget for advanced cybersecurity infrastructure, they don’t consider themselves a target and often disregard cybersecurity standards, and small businesses don’t have the employee training to identify attacks. A Managed Service Provider (MSP) is responsible for many of these small businesses, so they must ensure that the right cybersecurity controls are in place.
Phishing and Ransomware are the Biggest Threats
Before structuring a cybersecurity plan, MSPs must identify threats and then audit infrastructure for risks. Research shows that the biggest threats are phishing and ransomware, and many threat actors incorporate both threats into a single targeted attack. Social engineering is also common with sophisticated attacks.
As an example of a standard attack, a threat actor might start with a phishing email. The email could target specific high-privileged users or a standard employee. It only takes one successful phishing email to trick a user into divulging sensitive data, including network credentials. Another option for an attacker is tricking the user into downloading malware, particularly ransomware.
Ransomware earns attackers potentially millions if the targeted victim pays the extortion fee. The amount of money requested in exchange for the decryption key depends on the malware author. It could be for small amounts, but most ransomware authors look for larger payouts for business victims. Some businesses pay the ransom, but malware authors don’t always reply with the private keys to decrypt data. In many cases, the only strategic response is to recover from backups.
With just one successful event, the user installs ransomware on one device. The ransomware scans the network to copy itself to other locations (in some scenarios), or encrypts important files and leaves the organization crippled. After a successful ransomware attack, the only two options for the organization are to pay the ransom or recover from backups. Instead of performing disaster recovery, an MSP can be proactive and protect the environment from threats.
Download resource: Pillars of the Modern MSP Security Technology Stack
Proactive Tips to Help Avoid Ransomware
Managing several clients and still giving every one the best cybersecurity attention possible is one of the many challenges for MSPs. To help MSPs manage their clients and keep them protected from ransomware and phishing, here are a few tips to keep small businesses and their data safeguarded.
Perform an audit to identify current standards and infrastructure. You don’t know what needs to be added or changed if you don’t know current cybersecurity infrastructure. It could be that the small business attempted to put some controls in place but did not configure them properly. Some cybersecurity practices could be compliant, but the MSP might need to improve on what is currently implemented, including the education and training for current and future client employees.
Target systems used to launch phishing and ransomware attacks. Systems such as email are primary vectors to start sophisticated attacks. Employee cybersecurity education helps, but it isn’t as effective as having cybersecurity tools on the email server. Instead of relying on humans, email server cybersecurity analyzes sender addresses and email content and filters any suspicious messages. The benefit is that the messages don’t reach the intended targeted victim’s inbox, so risk of phishing is reduced compared to relying on employees to identify malicious messages.
Automate as much as possible. It takes time to build an automation solution, so many MSPs put off automating daily activity and perform much of the overhead manually. As the MSP grows and acquires more clients, manual activity takes up too much time and can slow down productivity. It also increases the chance of human error, which can then be costly for the small business. Whenever possible, it’s best to automate any repeatable actions to reduce the chance of mistakes and make your MSP more efficient. This reduces overhead and leaves MSP employees open to focus on other tasks.
Offer employee cybersecurity education. Employees are perfect targets when they don’t know what a phishing attack looks like. When cybersecurity controls fail, the next line of defense is the employee’s ability to detect an attack and stop it. An effective MSP should offer cybersecurity training to educate their clients with the ways phishing and ransomware work and the methods used to trick targeted victims. The most effective cybersecurity training involves real-world scenarios where an employee can see the way an attack is carried out.
Protect your clients from phishing and ransomware attacks. Test try SpamTitan email security today.