Beware of Ransomware Everywhere, Including Mobile

Over the past few months, everywhere you turned, ransomware was on the news. First there was the huge WannaCry outbreak, and before that had a chance to fade, ExPetr (a.k.a. Goldeneye, Petya or NotPetya) followed at the end of June.

Those two major cyber incidents may have stolen the headlines, but they were far from the only news that should alarm service providers and their customers. For example, researchers at Kaspersky Lab recently noted that mobile ransomware is now targeting affluent countries, including the United States.

“These geographical changes in the mobile ransomware landscape could be a sign of the trend to spread attacks to rich, unprepared, vulnerable or yet-unreached regions,” said Roman Unuchek, a security expert at Kaspersky Lab. “This obviously means that users, especially in these countries, should be extremely cautious when surfing the Web.”

Let’s face it, gone are the days when employees worked on desktops that remained in the office, and traveling employees used loaner laptops. Nowadays, employees are connecting to corporate networks from personal and mobile devices from all over the world. BYOD (bring your own device) has become the norm–and a constant headache for security providers.

This could become equally troubling for MSPs (managed service providers), which are always looking to provide optimal security while also avoiding extensive downtime for clients. What can you do? For starters, offer your clients the following:

• Proactive protection: When looking at ransomware, perhaps the best strategy is also a timeless adage: “The best defense is a good offense.” Backups can save you in a worst-case scenario, but why let your customers get to that stage? When looking at security options that offer the best protection for customers, remember to look for tools that monitor application changes and detect if the changes are malicious. Strong solutions also have roll-back functionality to reverse malicious actions. That means less time restoring a system or traveling to a client.
• A personal touch: When a business looks to hire an MSP, they are looking for someone to fill a void. Outside of the technology, make it a point to offer new clients training on best practices and good cybersecurity hygiene. Employees can be the weakest link in the security chain, so showcasing best practices can add value to the business relationship.
• Continual touch points: Following training, look to keep clients up to date with the latest relevant security news. Not only is this a value add, but it can also be a way to educate clients in areas where they are not fully protected and let them know about the options available within their budgets.
• Punctual patching: If we can learn anything from the latest rounds of ransomware epidemics, it is that patches matter. Security holes are no laughing matter.
• Comprehensive backup: Backups are a trusted friend that every business (and individual, for that matter) should have. In the worst-case scenario, when a company gets infected with ransomware and cannot find a reliable decryption tool, it can restore its systems and data up to the day of the latest backup. Although this is not quite as good as rollback functionality, it is nonetheless very helpful. When advising customers about the importance of backing up data, it is a good idea to assess how vital their information is to day-to-day business.

When discussing ransomware, we have to go back to a point we preach again and again: Don’t pay the ransom. You can’t trust that criminals will live by their word–and any payment only helps fund their criminal endeavors.