IT industry analysts have declared that 2016 will be the year of ransomware (pdf), and so far those predictions are coming true.
High-profile ransomware attacks are hitting hospitals around the country and commanding larger ransoms due to the urgent nature of the data being held hostage. Earlier this month, a utility company in Michigan even fell victim to a new ransomware strain.
I hear similar horror stories from the MSPs I talk to. Almost all of them could tell you about a customer that got infected with ransomware like CryptoWall, TeslaCrypt, or Locky. Thankfully, most businesses smart enough to hire a managed service provider had a solid backup plan in place, and they were able to recover easily, making the MSPs look like heroes.
Unfortunately, many small businesses aren’t as lucky and either end up paying the ransom or losing critical data. That’s why it’s so important for MSPs to start educating their customers about ransomware and raising awareness of this serious threat.
Here are the three key lessons I think MSPs need to teach customers as soon as possible:
1. Ransomware is skyrocketing
According to the U.S. Department of Justice and Internet Crime Complaint Center, ransomware victims paid more than $24 million to regain access to their data in 2015 alone. Considering that the same organizations report a total of $57.6 million in damages from ransomware attacks since 2005, this represents a steep increase.
And law enforcement agencies are concerned. The United States and Canada issued a joint cyber alert in March about the recent surge in ransomware attacks. The FBI followed up in April warning businesses that ransomware is proliferating and getting more sophisticated—and more costly.
SMBs need to listen to these warnings, and MSPs have a responsibility to make sure customers start taking this threat seriously. Business owners can’t just assume that paying a token ransom will make the problem go away if it happens to them. “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never get a decryption key after having paid the ransom,” explained FBI Cyber Division Assistant Director James Trainor in a recent statement.
2. Educated users are the best defense
Having all the right safeguards in place, such as antivirus software, spam filters, and firewalls, doesn’t guarantee that a customer won’t get infected with ransomware. Malicious emails are getting more sophisticated and more targeted, making it easier for employees to be tricked into clicking on a suspicious link. And it only takes one person clicking on the wrong link or opening the wrong attachment to give ransomware the opening it needs to infect a whole system.
Small businesses are especially susceptible to this. According to the Verizon 2015 Data Breach Investigations Report, 23 percent of SMBs that receive phishing emails open them, and 11 percent click on the attachment.
That’s why MSPs need to teach customers what ransomware is, how it can hurt their business, and how to spot the warning signs of an infected attachment or suspicious link. I’ve seen MSPs approach this a number of ways. Some will organize online training that customers can share with their employees, and others take a more hands-on approach, going to a customer’s office and holding an interactive lunch and learn.
3. It makes backup more important than ever
When a customer’s system does get infected with ransomware, having a recent backup will make it easy for an MSP to restore their operations as quickly and painlessly as possible—without needing to pay the ransom. It saves everyone involved time and money.
To make this solution possible, MSPs need to ensure that customers have a reliable backup solution in place that’s tested regularly to make sure it’s running properly. If a customer doesn’t have a recent backup available, they’ll likely have no choice other than to pay the ransom. Backup is a critical part of how MSPs protect their customers from ransomware, and smart MSPs even use it as a way to sell more managed services.
Rick Faulk is the VP & General Manager MSP Business, Barracuda. Rick currently sits on the boards of Yodle, Influitive, Hostway, Bidding4Good & Ontegrity and is an advisor to other start-up businesses. You can read his blog here, and connect with him on LinkedIn here.