In what has been described as the largest ever ransomware attack in the world, 200,000 computers across 150 countries have been infected in the WannaCry cyber-attack that began on 12th May.
And it’s not over yet.
While press coverage has focused on the highest profile victims – the UK’s NHS, Deutsche Bahn, FedEx, Russia’s Ministry of the Interior, Renault, Telefónica and China National Petroleum Corp – it is thought that more than 1.3m computer systems remain vulnerable to infection by WannaCry.
Ransomware incidents are front page news these days and CompTIA has noted the ripple effect of such incidents on enquiries for security services.
Could WannaCry provide the impetus to push business disaster recovery (BDR) to the top of the agenda for your customers?
Cyber-criminals are no respecters of size
The fact that it is the world’s largest corporations and public sector organisations that have grabbed the headlines with WannaCry is no reason for complacency among MSPs, whose typical customers are small-medium sized businesses (SMBs).
The last five years have seen a steady increase in attacks targeting businesses with less than 250 employees and this is a global trend.
For example, some 87% of European IT service providers surveyed by BDR specialist Datto said their SMB customers had been hit by a ransomware attack at some point during the previous twelve months, with 40% of respondents reporting multiple attacks over the same period. The average ransom demanded was between £500 and £2000 – but exceeded £2000 in 15% of reported cases. Unfortunately paying the ransom was ineffective for 47% of companies affected who still lost some of the data that had been encrypted by the attack.
So why are SMBs particularly vulnerable, and could WannaCry type cyber-attacks be more likely to hurt SMBs in the future?
What makes SMBs vulnerable to cyber-attack?
SMBs can no longer assume that they are too insignificant to be targeted by cyber criminals.
As many of today’s SMBs are ‘digitally entwined’ with bigger companies, with trusted access to the networks and data of these customers and partners, they are seen as a means to opening the door to bigger systems further up the chain. Just imagine the reputational damage that such an incident would cause.
SMBs are vulnerable to attack for a number of reasons.
Eight common areas of vulnerability for SMBs:
- Lack of knowledge
- Lack of awareness of full implications of a cyber-attack
- Limited resources (time, expertise and budget) to implement comprehensive security defences
- No dedicated IT security specialist in-house
- Inadequate employee security training
- Failure to secure endpoints
- Outdated systems and failure to invest in new technologies that would help to keep them secure
- Outsourcing security to generalist contractors, rather than specialists
SMB vulnerability to WannaCry-type cyberattacks
Microsoft alerted the world to a vulnerability in its Windows operating system in March and issued a patch to fix it. The fact that this vulnerability could still be exploited by the latest WannaCry attacks illustrates that companies are not protecting themselves against threats by updating their systems.
To quote Microsoft’s President and Chief Legal Officer Brad Smith: “This attack is a powerful reminder that information technology basics like keeping computers current and patched are a high responsibility for everyone, and it’s something every top executive should support.”
One of the likely reasons that WannaCry hit the UK’s NHS so badly with 48 NHS Trusts and many GP practices affected, is that some 90% of NHS Trusts still run on Windows XP, which was released in 2001 and is now obsolete. Older systems can’t hope to cope with the cyber forces now ranged against them.
And if this reliance on aging systems and inability to get the basics right is being exploited within corporates and government organisations, SMBs are likely to be even more at risk: a lack of resources, outdated systems and a failure to invest in new technologies have already been flagged as reasons for SMB susceptibility to cyber-attack.
So what can you offer SMB customers and prospects for whom ransomware is currently front of mind?
Move the conversation from security to business continuity and BDR
Ransomware ‘punishes’ businesses that don’t have a robust BDR strategy in place. Most SMBs know the importance of regular backups but what they don’t always appreciate is the length of time needed to recover from a disaster using traditional backup technology – or the impact that a potentially lengthy period of downtime may have on their business.
Take advantage of the media frenzy around WannaCry to engage your customers in a serious discussion about BDR – with the aim of moving it further up the priorities list.
The impact of WannaCry on the NHS has been well-publicised: hospitals paralysed, operations and treatments cancelled, doctors unable to access patient records etcetera, etcetera. But the impact for SMBs is also significant.
Downtime equals lost time and lost time has a cost. Just how high these costs could be is indicated in the figure.
At the very least begin by demonstrating greater awareness of their security landscape and by pointing out any mistakes being made.
Many SMBs are looking to their MSPs to provide specialist help
SMBs may be more likely to suffer a cyber-attack because their IT team may be at best stretched too thin – and at worst non-existent. Add to this lack of in-house resource and specialist knowledge a level of budgetary constraint that is forcing a dependency on outdated technology and you have the ideal conditions for ransomware vulnerability.
So, if you haven’t already had the BDR discussion with customers – now is a very good time to do it. As well as making them more aware of the potential risks they face, this dialogue could open up a whole new area of service opportunity for your business.
Nearly three in five channel firms already incorporate security services in some form.
And you don’t have to go it alone.
You may opt to partner with a business continuity specialist to give you access to the latest technology products and the expertise you need to bring an out-of-the-box BDR solution to your customers quickly, easily and profitably – without having to hire in a raft of new resources.
And while you are thinking about partnering for BDR, it may also make sense to consider partnering for NOC services too, so reducing the existing monitoring, management and remediation burden on your technical team. Because if your own resources are too occupied in the ‘here and now’ of routine maintenance and troubleshooting to focus on your customers’ BDR strategies – you could be missing valuable opportunities.
Download our ebook to find out why you should be turning this growing opportunity into lasting revenue for your business.
Contact us to see how we can free up your time for that BDR conversation:
North America – Telephone +1 888 968 8414
APAC – Telephone +61 (02) 8320 7172
Europe – Telephone +44 (0) 203 435 6435
The Observer, 12 May 2017
CompTIA Trends in IT Security, March 2015