sb-nz logo
Story image

Interview: Datto talks ransomware and 'cyber extortion'

Small businesses are increasingly falling victim to not one ransomware attack, but multiple attacks as ‘cyber extortion’ increases, according to Datto, which is urging the channel to be more proactive in educating customers.

The business continuity and backup and disaster recovery vendor’s recent State fo the Channel Ransomware Report – which surveyed 1,700 managed services providers globally, including across Asia Pacific – revealed that businesses paid US$301 million to ransomware hackers last year.

The survey saw 97% of MSPs reporting a ‘significant’ increase in ransomware attacks in 2017. In Asia Pacific 92% of MSPs surveyed reported ransomware attacks between 2015 and 2017, ahead of the global figure of 86%; with 74% of APAC MSPs also reporting attacks in the first half of 2017 – again ahead of the global average of 59%.

Speaking to ChannelLife, Rob Rae, Datto vice president, says awareness of ransomware among SMBs remains ‘very low’.

“The problem is that even in the wake of monumental global attacks like WannaCry and NotPetya, it’s always the larger enterprises which have been affected making headlines, rather than SMBs, which means that they are still easy pickings for attackers,” Rae says.

“We know from the results [of the Ransomware Report] that although resellers are very aware of this increasing threat, there is still relatively low knowledge, understanding and concern from business owners, with only 38% of SMBs indicating ‘some knowledge’ of ransomware, compared with 34% last year,” he says.

While large organisations across the world spend millions of dollars investing in cyber security products and training for their teams, SMBs do not have this luxury.

“This is where the channel comes in. There’s an opportunity for resellers to bridge this gap, by providing the education necessary to help SMBs fend off attack.

“For resellers, it’s a great conversation to have with prospects and an excellent way to provide added value to your current client base,” Rae says.

The report shows a 15% increase in the number of repeat attacks targeting the same business multiple times – something Rae calls cyber extortion, and something he says is a worrying trend.

“When SMBs are attacked, it’s common for them to panic and pay the ransom to retrieve their data.

“This however is the worst thing you can do, sending the wrong message to attackers. Again, this is where the channel can work to educate business owners,” he says.

“SMBs need to stop paying the ransom, and the channel needs to educate them on this point. “When businesses pay the ransom, they confirm that they have money and that they value their data, which is dangerous and could see them being targeted again and again.

“[It’s also] important to know that paying the ransom does not mean that you will regain access to your data, in most cases it is the opposite.”

So what’s the solution?

According to Rae, ransomware continues to outsmart today’s top security solutions, something he says makes backup and disaster recovery even more essential.

“The survey results showed that with a reliable backup and recovery solution (BDR) in place, 96% of MSPs reported that clients were able to fully recover from a ransomware attack,” he says.

“The truth is, even if businesses apply best practices to limit the impact of ransomware attacks, like backing-up critical files, ensuring they have a good cybersecurity solution in place, and ensuring they are patching their system appropriately, none of these things are going to them restore their systems and get back up and running in the fastest possible way following attack.

“The most effective means for business protection from ransomware is a backup and disaster recovery (BDR) solution, followed by cybersecurity training.”

Story image
NortonLifeLock introduces dark web monitoring to its security suite
Dark Web Monitoring Powered by LifeLock will be capable of monitoring the dark web, searching for over 120 personal identifiable information including email, physical address, phone number, driver licence number, credit card or bank account numbers and gamer tags.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
ESET launches the latest version of its Mobile Security solution
“With this latest version of ESET Mobile Security, we want to ensure our users feel completely secure when performing financial transactions on their devices, in addition to being protected from malware and phishing attempts."More
Story image
Thales: A/NZ cybersecurity approach more talk than action
“While some organisations are talking a good story … predicted spending shows that most have the wrong focus.”More
Story image
Trend Micro tackles identity theft with new security suite
"The consequences of this malicious activity can have a significant impact on the lives of the victims for years to come."More
Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More