Managed Service Providers (MSPs) are losing the battle with the bad guys. The combination of remote endpoints, human error, and sophisticated cyberattacks have transformed the cybersecurity landscape. It's with great sadness that we say R.I.P. to a single backup strategy. Today's cyber environment demands a multi-layer, security-first approach that includes not just backups, but a fortress of business continuity and disaster recovery (BCDR) features, capabilities, and functionality. Luckily, MSPs have the tools to not just overcome these cyber threats, but to increase security throughout the channel and lower the cost of doing business.
Backups Are the Latest Targets in Complex Cyber Attacks
It's not just MSPs and your SMB clients being targeted in ransomware attacks, it's your backups. Bad actors are altering their strategies to stay one step ahead of MSPs and it's working. Now they're going after backup systems which many businesses rely on as their last line of defense. With no other option for recovery, there's a higher chance of the ransom being paid once your backups are in the wrong hands.
Hackers have also come to understand the true value of the data they steal. Instead of just exchanging decryption keys for ransom payments, cybercriminals are sweetening the deal by releasing data on the dark web. The stakes are higher when data isn't just being held hostage, but actually being used over and over for malicious purposes. There could be a higher return for the criminal, and despite paying the ransom, there's no promises that the data hasn't already been sold.
New Admin Hunting Strategy Revealed by Internal Hack
We gained significant insight into the step-by-step process of today's cybercriminals when the ransomware gang 'Conti' became a victim of their own leak. A disgruntled hacker who worked for the gang published a playbook of their latest tactics for accessing the most business-critical data in ransomware attacks. One of the biggest takeaways is their use of admin hunting.
After gaining access to business infrastructure, hackers identify their targets of interests: backup servers and domain controllers. From there, they seek out admin access to move laterally throughout the system. Depending on the type of organization they're hacking, they specifically want access to finance, accounting, IT, clients, and projects. From there, they escalate their privileges in these vital departments before encrypting the system and demanding ransom. Advancing attacks of this nature are exactly like backups can't cut it anymore.
What Used to Work Isn't Enough
Legacy backup solutions can no longer support dispersed data protection against today's hackers. Ben Nowacky, Senior VP of Product at Axcient says, "As technology continues to advance, and with changes in cybersecurity and the new threats in the market, backups are woefully insufficient to protect businesses and MSPs from the threats that currently exist." According to the Veeam 2021 Data Protection Report, 43% of all backup jobs fail and 39% of restorations fail to restore within the expected SLA. That means almost half of all backups may not be restorable. Failure to meet SLAs is a top challenge for MSPs and that's not just affecting your relationships with clients.
Insurance carriers are well aware of the gap between new risks and an MSPs ability to recover from damaging attacks. They're increasing premiums, coverage requirements, and application demands – all of which increases your cost of doing business. Of course it's not an altruistic move, it's a way to deny coverage and claims in the future. They don't want to be held financially responsible when a successful attack takes place – and chances are, it's going to.
What's An MSP To Do? Modernize Your BCDR Solution.
To protect data and ensure uninterrupted BCDR with full restore capabilities, MSPs have to step-up their security strategies. Virtualization within the cloud lets you spin up any server, in any order, on any network configuration in just five minutes. Regardless of how the data was lost – be it a ransomware attack, natural disaster, accidental deletion, or a lost, stolen, or destroyed device – your clients can be up and running almost instantly.
Ben explains why virtualization is a necessary feature for business continuity. "If you get a ransomware attack and your insurance vendor needs two weeks on your network to do forensic analysis to understand why the breach happened, you can't operate your business for two weeks. Sure, you may have backups, but you're not allowed to recover from those backups because your insurance carrier is on your network." Virtualization eliminates the cost of downtime that can cost a client their business.
Axcient's x360Recover for BCDR gives MSPs the features necessary to combat today's cybersecurity landscape. With Virtual Office for virtualization, AutoVerify for backup integrity, and AirGap technology to protect backups, MSPs can gain insurance coverage, ensure business continuity, and expand their business with a single vendor. Start Your Free 14-Day Trial Today to see how your current solution compares.
This guest blog is courtesy of Axcient. Read more Axcient guest blogs here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.
