Cloud computing has become an integral part of business, providing affordable and flexible options for organisations as they grow.
But as Cloud services become more popular, they become increasingly lucrative targets for cyber criminals. If they’re not properly managed, they create a raft of vulnerabilities that can be exploited to great effect.
This is particularly the case for MSPs (managed service providers), which often work with dozens, if not hundreds, of organisations. As a result, a single vulnerability could have far-reaching consequences.
According to one report, a cyber attack on an MSP could result in $80 million (about £58 million) in economic losses across hundreds of small businesses.
We saw this recently with the ransomware attack on Kaseya. The software company’s tools are widely used by MSPs, and when cyber criminals launched an attack over the July 4 weekend, it sparked huge disruptions.
As many as 1,500 businesses were affected, with organisations forced to suspend operations or temporarily close as they attempted to prevent the spread of the infection.
Although that was the most recent breach to hit the headlines, it certainly isn’t the only one. It followed attacks on the managed service providers Blackbaud, SolarWinds and Pivot Technology Solutions – all of which were targeted by ransomware.
This is clearly an issue that MSPs must address if they are to avoid the financial and logistical nightmares that cyber attacks present.
After all, it’s not only their own practices that they need to be worried about but also the practices of organisations that use their services.
Three quarters of MSPs have been affected
According to the 2021 Perch MSP Threat Report, 73% of managed service providers reported that at least one client had suffered a security incident in the past year. Of those, 60% were related to ransomware.
As the report notes, organisations’ reliance on the Cloud plays a significant role:
Threat actors are keenly aware of our reliance upon the cloud while also banking on the fact that it’s a source of poor visibility for us. That’s a scary combination. Criminals will continue to focus on cloud-based attacks, leveraging credential theft, exploiting misconfigurations, and leveraging API-based attack vectors to sink their dirty hands into our precious data in the cloud
It adds that ransomware specifically has become a popular method for cyber criminals due to the novel ways in which attackers can target organisations.
Traditionally, such attacks involve infiltrating an organisation’s systems and encrypting their information. However, Perch has observed that this is increasingly not the case:
Recall our prediction from last year that data exfiltration and subsequent ransom demands over that data would become the norm. And it did.
That’s because the data itself is as valuable as anything for you and your clients. We predict that cloud-based attacks will result in data-hostage scenarios where criminals will demand a ransom to not leak that data. That’s pretty scary.
How MSPs can protect themselves
The proliferation of ransomware attacks demonstrates that it’s not always possible to prevent disruption altogether, but there are steps that organisations can take to mitigate the risk.
For example, you must implement a cyber incident response to help you respond to an attack.
The majority of the damage caused by ransomware is a result of improper planning – taking too long to isolate infected systems, making bad incident response choices or being unable to operate during the disruption, for example.
A response plan ensures that you take quick, decisive action to mitigate the damage and that as much work as possible can continue, even if you’re relying on pen and paper.
Being able to demonstrate this plan to your partners also assures them that you’re aware of the threat and know what to do.
Suppliers can use this information to understand how a disruption will affect their organisation and allow them to produce a response plan of their own.
Of course, implementing an incident response plan takes time and effort – but you won’t be alone. The 2021 MSP Threat Report found that almost a third of organisations will increase their cyber security budget by more than 10% in 2021.
Those who want to know more about how to plan for disaster should take a look at IT Governance’s Cyber Incident Response service.
A team of experts will guide you through the recovery process, providing legal and technical advice.
Using industry good-practice frameworks, this service helps you limit the impact of any cyber security incident and ensure that you return to business as usual promptly.