Story image

State of the channel: A/NZ MSPs still grappling with ransomware

04 Mar 2019

Managed service providers across Australia and New Zealand are grappling with cybersecurity issues, ranging from SaaS infections to SMBs that don’t report ransomware attacks to the appropriate authorities.

Datto’s third annual A/NZ State of the Channel Ransomware report reveals just how severe the security problems are for more than 200 A/NZ managed service providers (MSPs).

Of those 200 MSPs, 38% reported infected SaaS applications, of which Microsoft Office 365 took the top spot as the most popular target. A/NZ also has the highest SaaS infection rate in the world, as the global average is much lower at 28%.

MSPs are also fending off unprecedented numbers of ransomware attacks against their client base.  In the first half of 2018, 42% of MSPs report clients suffered multiple attacks in a single day (up 7%, year-over-year).

According to the statistics, 60% of A/NZ MSPs reported attacks against SMBs, compared to a global average of 55%.

As a result of ransomware and other cyber attacks, 60% of MSPs reported that SMBs experienced business-threatening downtime. 

What’s more, the cost of downtime was almost ten times greater than the ransom that attackers demanded. The average downtime cost is approximately AU$57,577.20, compared to an average ransom of AU$6045.36.

However, MSPs are quick off the mark to help SMBs recover from an attack. The statistics show that 84% of SMBs report SMB recovery from an attack in 24 hours of less when there is a business continuity and disaster recovery solution in place.

According to the report SMBs aren’t reporting many attacks – fewer than one in five ransomware attacks are reported to the authorities. However, regulations such as Australia’s Notifiable Data Breaches scheme have raised awareness of attacks.

MSPs say that the leading cause of ransomware attacks is the lack of cybersecurity awareness of issues such as phishing emails, malicious websites, web ads, and clickbait.

Despite MSPs reporting that most ransom victims had email and spam filters, antivirus, and popup blockers, Datto says that no single solution can prevent ransomware attacks. Instead, a multi-layered portfolio is the best option.

The report makes four recommendations:

1. Businesses must prepare the front line of defence: your employees

SMBs must provide regular and mandatory cybersecurity training to ensure all employees are able to spot and avoid a potential phishing scam in their inbox, a leading entrance point for ransomware.

2. Businesses must leverage multiple solutions

Today’s standard security solutions are no match for today’s ransomware, which can penetrate organisations in multiple ways. Reducing the risk of infections requires a multilayered approach rather than a single product

3. Businesses need to focus on business continuity

There is no sure fire way of preventing ransomware. Instead, SMBs should focus on how to maintain operations despite a ransomware attack. One way to do this is a solid, fast and reliable business continuity and disaster recovery solution.

4. Businesses need a dedicated cybersecurity professional

SMBs often rely on a “computer savvy” staff member to handle their IT support and not an IT expert. If a company cannot afford a complete IT staff for 24/7 cybersecurity monitoring, they should be leveraging an MSP that has the time and resources to anticipate and protect a company from the latest cybersecurity threats.

Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.
Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.
Exploring the different needs for cloud services across Europe
Although digital transformation is happening across Europe, each country continues to have its own IT needs and the different cloud markets highlight this.