A Cybersecurity Rundown for MSPs

Protecting clients from cybersecurity and ransomware threats is a priority for all MSPs across the globe. One of the simplest yet most effective steps in this process is to ensure clients are up-to-date and well versed on the various threats today. From data breaches to new ransomware strains, there is certainly no lack of threats.

Ryan Weeks, Chief Information Security Officer, Datto, Inc.
Author: Ryan Weeks, chief information security officer, Datto Inc.

To make things a little easier for you and your clients, we have selected some of the highest-profile stories over the past few weeks to help you stay one step ahead.

  • GermanWiper Ransomware Wreaking Havoc and Deleting Data: A new ransomware strain is infecting users across Germany and taking an even more sinister twist on malware. Instead of following the normal protocol of encrypting machines and holding data for ransom, GermanWiper is instead rewriting and permanently destroying data. Similar wiper ransomware made headlines in 2017 when a modified strain of NotPetya was seen infecting users and deleting data.
  • 100 Million People Exposed in Capital One Breach: A hacker gained access to over 100 million credit card applications from Capital One. The hacker in custody is accused of stealing 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers, and countless other pieces of personal information.
  • Equifax Fined up to $700 Million for Data Breach: The Equifax data breach saga has moved forward and the credit reporting giant will have to pay up to a $700 million settlement. The breach impacted nearly hundreds of millions of Americans in 2017. Under the newly disclosed penalties, Equifax will pay between $300 million and $425 million as compensation to consumers and an additional $275 million civil penalties and compensation. If you were affected by the breach, you may be eligible for compensation for credit monitoring or associated damages if your identity was stolen as part of the massive breach.
  • Ford, TD Bank Affected by Cloud Data Breach: Various companies including Ford and TD Bank were impacted in a recent cloud data breach. According to reports, the IT provider for these companies accidentally exposed the information on Amazon S3 data buckets. The data buckets contained information on Attunity, the IT provider, such as employee email backups, a virtual network roadmap, and personal information of Attunity employees. In addition to the provider, leaked client data included Ford technology information and TD Bank invoices.
  • Major Technology Companies Targeted by Ransomware Attacks: It appears hackers are becoming more zealous and going for bigger game. According to a new report from Reuters, hackers from China have targeted eight major computer firms and MSPs throughout a year-long attack. The "Cloud Hopper" attacks have hit some major companies such as HPE, IBM, and Fujitsu. The attackers are able to ‘hop’ into client networks after attacking service providers and attempt to steal sensitive corporate and government information. It's currently unclear how damaging these attacks were, the number of victims affected, and what type of information may be compromised.

According to Datto’s Global State of the Channel Ransomware Report, lack of cybersecurity training is a leading cause of successful ransomware attacks, with the top delivery method being phishing emails, followed by malicious websites, and clickbait. Educating clients should be an ongoing effort for every MSP. Recommending solutions that can help them recover from downtime caused by things like ransomware becomes much easier when clients have a solid understanding of how malware works and the disastrous impact it can have on businesses.

For more statistics and best practices on the current landscape of ransomware, check out the full report today.

Ryan Weeks is chief information security officer (CISO) for Datto. Read more Datto blogs here.