The second area where we expect to see growth in ransomware is service provider attacks. As technology and threats become ever more complex, companies are increasingly outsourcing their IT to specialist managed service providers (MSPs). These MSPs manage all aspects of IT for their customers, from printers to security. To do this, they need to have direct access to their customers’ networks.
Traditionally, ransomware actors target a single organization at a time. One victim, one ransom. However, ever on the alert for opportunities to increase their ROI, cyber criminals have realized that targeting MSPs enables them to hold multiple organizations hostage with a single attack. One attack, many ransoms.
The answer here is not to keep your security in-house. MSPs who specialize in security offer a very high level of expertise that is hard to replicate for many businesses. Instead, make security one of your selection criteria when choosing your MSP. Ask them about the security products and practices they use within their own organization. A good MSP will be happy to share.
And ask yourself about your priorities. Is protection #1? Cost is of course a consideration for pretty much every organization, but don’t compromise long term protection for short term cost savings. As we saw at the start, the cost of dealing with a ransomware attack outweighs many other expenses.