SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
State of the channel: ANZ MSPs still grappling with ransomware
Mon, 4th Mar 2019
FYI, this story is more than a year old

Managed service providers across Australia and New Zealand are grappling with cybersecurity issues, ranging from SaaS infections to SMBs that don't report ransomware attacks to the appropriate authorities.

Datto's third annual ANZ State of the Channel Ransomware report reveals just how severe the security problems are for more than 200 ANZ managed service providers (MSPs).

Of those 200 MSPs, 38% reported infected SaaS applications, of which Microsoft Office 365 took the top spot as the most popular target. ANZ also has the highest SaaS infection rate in the world, as the global average is much lower at 28%.

MSPs are also fending off unprecedented numbers of ransomware attacks against their client base.  In the first half of 2018, 42% of MSPs report clients suffered multiple attacks in a single day (up 7%, year-over-year).

According to the statistics, 60% of ANZ MSPs reported attacks against SMBs, compared to a global average of 55%.

As a result of ransomware and other cyber attacks, 60% of MSPs reported that SMBs experienced business-threatening downtime.

What's more, the cost of downtime was almost ten times greater than the ransom that attackers demanded. The average downtime cost is approximately AU$57,577.20, compared to an average ransom of AU$6045.36.

However, MSPs are quick off the mark to help SMBs recover from an attack. The statistics show that 84% of SMBs report SMB recovery from an attack in 24 hours of less when there is a business continuity and disaster recovery solution in place.

According to the report SMBs aren't reporting many attacks – fewer than one in five ransomware attacks are reported to the authorities. However, regulations such as Australia's Notifiable Data Breaches scheme have raised awareness of attacks.

MSPs say that the leading cause of ransomware attacks is the lack of cybersecurity awareness of issues such as phishing emails, malicious websites, web ads, and clickbait.

Despite MSPs reporting that most ransom victims had email and spam filters, antivirus, and popup blockers, Datto says that no single solution can prevent ransomware attacks. Instead, a multi-layered portfolio is the best option.

The report makes four recommendations:

1. Businesses must prepare the front line of defence: your employees

SMBs must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid a potential phishing scam in their inbox, a leading entrance point for ransomware.

2. Businesses must leverage multiple solutions

Today's standard security solutions are no match for today's ransomware, which can penetrate organisations in multiple ways. Reducing the risk of infections requires a multilayered approach rather than a single product

3. Businesses need to focus on business continuity

There is no sure fire way of preventing ransomware. Instead, SMBs should focus on how to maintain operations despite a ransomware attack. One way to do this is a solid, fast and reliable business continuity and disaster recovery solution.

4. Businesses need a dedicated cybersecurity professional

SMBs often rely on a “computer savvy” staff member to handle their IT support and not an IT expert. If a company cannot afford a complete IT staff for 24/7 cybersecurity monitoring, they should be leveraging an MSP that has the time and resources to anticipate and protect a company from the latest cybersecurity threats.