sb-nz logo
Story image

Interview: Datto talks ransomware and 'cyber extortion'

Small businesses are increasingly falling victim to not one ransomware attack, but multiple attacks as ‘cyber extortion’ increases, according to Datto, which is urging the channel to be more proactive in educating customers.

The business continuity and backup and disaster recovery vendor’s recent State fo the Channel Ransomware Report – which surveyed 1,700 managed services providers globally, including across Asia Pacific – revealed that businesses paid US$301 million to ransomware hackers last year.

The survey saw 97% of MSPs reporting a ‘significant’ increase in ransomware attacks in 2017. In Asia Pacific 92% of MSPs surveyed reported ransomware attacks between 2015 and 2017, ahead of the global figure of 86%; with 74% of APAC MSPs also reporting attacks in the first half of 2017 – again ahead of the global average of 59%.

Speaking to ChannelLife, Rob Rae, Datto vice president, says awareness of ransomware among SMBs remains ‘very low’.

“The problem is that even in the wake of monumental global attacks like WannaCry and NotPetya, it’s always the larger enterprises which have been affected making headlines, rather than SMBs, which means that they are still easy pickings for attackers,” Rae says.

“We know from the results [of the Ransomware Report] that although resellers are very aware of this increasing threat, there is still relatively low knowledge, understanding and concern from business owners, with only 38% of SMBs indicating ‘some knowledge’ of ransomware, compared with 34% last year,” he says.

While large organisations across the world spend millions of dollars investing in cyber security products and training for their teams, SMBs do not have this luxury.

“This is where the channel comes in. There’s an opportunity for resellers to bridge this gap, by providing the education necessary to help SMBs fend off attack.

“For resellers, it’s a great conversation to have with prospects and an excellent way to provide added value to your current client base,” Rae says.

The report shows a 15% increase in the number of repeat attacks targeting the same business multiple times – something Rae calls cyber extortion, and something he says is a worrying trend.

“When SMBs are attacked, it’s common for them to panic and pay the ransom to retrieve their data.

“This however is the worst thing you can do, sending the wrong message to attackers. Again, this is where the channel can work to educate business owners,” he says.

“SMBs need to stop paying the ransom, and the channel needs to educate them on this point. “When businesses pay the ransom, they confirm that they have money and that they value their data, which is dangerous and could see them being targeted again and again.

“[It’s also] important to know that paying the ransom does not mean that you will regain access to your data, in most cases it is the opposite.”

So what’s the solution?

According to Rae, ransomware continues to outsmart today’s top security solutions, something he says makes backup and disaster recovery even more essential.

“The survey results showed that with a reliable backup and recovery solution (BDR) in place, 96% of MSPs reported that clients were able to fully recover from a ransomware attack,” he says.

“The truth is, even if businesses apply best practices to limit the impact of ransomware attacks, like backing-up critical files, ensuring they have a good cybersecurity solution in place, and ensuring they are patching their system appropriately, none of these things are going to them restore their systems and get back up and running in the fastest possible way following attack.

“The most effective means for business protection from ransomware is a backup and disaster recovery (BDR) solution, followed by cybersecurity training.”

Story image
Enterprises underutilising security tools, causing teams to burn out
The report unveiled a lack of meaningful ROI metrics when reporting on security progress, as well as disparate opinions on objectives, tool effectiveness and security awareness amongst the organisation between executives and operations on security teams.More
Story image
Infrastructure-as-code, and how it can secure the cloud
Bridgecrew recognised IaC early on as one of the best ways for modern teams to delegate security ownership to individual contributors while distributing it across existing frameworks within CI/CD pipelines. This attribute meant that IaC was invaluable in securing cloud-native environments.More
Story image
New wormable Android malware discovered through auto-replies in WhatsApp
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. More
Story image
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Story image
From Me to We: Partnerships & multiparty systems in the post-COVID-19 age
MPS is all about sharing data infrastructure between people and organisations - think along the lines of blockchain, distributed databases and ledgers.More
Story image
Software-based facial recognition in payments industry to dominate by 2025
There will be more than 1.4 billion users of facial recognition software used for payments alone in 2025, up from 671 million in 2020.More