Not so very long ago, hackers and ransomware attacks were largely a concern for big-boy enterprise operations. Digital bandits made little effort to target small businesses (SMBs), presumably thinking that the pickings would be slim.
Things began to change a few years ago, though, and SMB attacks became more frequent. With an average ransom of around $10,000 to decrypt vital business data, these attacks were – and continue to be – a source of great concern for the small business owner. With technology becoming so mission-critical for businesses and new threats constantly arising, many SMBs turned to managed IT services providers (MSPs) to manage their technology and its security. This is still the best path for the vast majority of SMBs because the rapidly changing threat environment requires tools and expertise that most business owners don’t possess.
Over the past year or so, however, hackers have begun to target those very MSPs, realizing that a single successful attack could impact dozens or hundreds of businesses once the attackers find their way in via a phishing attempt or a weakness in remote monitoring and management tools.
With that realization, the ransom amounts changed dramatically, making that $10,000 figure for SMBs seem like the good old days. The average ransomware demand for hacked MSPs and their collective clients reached more than $750,000 last year.
Regardless of who is asked to pay the ransom, the result is the same: the MSP’s clients find themselves locked down just as if the attack had happened to them directly, the only difference being that it occurred through no fault of their own.
What to do? As always, it’s better to prevent an attack than to recover from one, and that means asking some specific questions of your MSP to determine their security posture.
- What security framework does your MSP currently meet, and does it align with your needs (for example, HIPAA-compliant)?
- What tools are in place to monitor and manage threats to the MSP and their clients?
- Does your MSP have a Security Operations Center (SOC) monitoring their systems?
- How often is a risk assessment performed on the MSP? Is it done internally or by a third party?
- If the worst should happen, are they adequately insured?
It hardly seems fair: a small business hires an MSP to protect itself against attacks, only to find the MSP is now the one with the target on its back. Fair or not, the result is the same whether a business is hacked directly or via its MSP: lost time and revenue at best, and an existential disaster at worst.
Again, small businesses absolutely need the tools that MSPs provide. Just make sure your MSP’s goals are aligned with your own, and that they continue their due diligence on the cybersecurity front.
Questions about securing your business against cyber threats? Contact Hill Tech Solutions.