Ransomware incidents spiked 37% in the third quarter over the previous three months, according to a new report from Beazley.
Twenty-four per cent (24%) of ransomware attacks reported to Beazley Breach Response (BBR) Services in Q3 were found to have started with an attack on an IT vendor or managed service provider (MSP). The spike in those attacks was a major driver in the overall increase in ransomware incidents, Beazley said.
Small businesses, which often depend on MSPs to remotely manage their IT infrastructure, reported 63% of all ransomware incidents to BBR Services in the first nine months of the year. Many small businesses outsource all IT functions to MSPs, which can create a dependent relationship that cyber criminals take advantage of, Beazley said.
“IT vendors that supply small businesses often have clients that are wholly dependent on their expertise and availability to guide them through any IT issue, including a suspected or actual breach,” said Katherine Keefe, global head of BBR Services. “When a vendor itself becomes the target of a ransomware attack, it can not only expose clients to the risk of a breach, but can leave them in the lurch and without any IT support as the vendor battles with the initial breach and potentially exorbitant ransom demands. We help clients get their businesses back up and running as efficiently as possible when a breach occurs – but most important is to ensure that sensible preventative steps are taken to reduce the risk of being hit by ransomware either directly or via a service provider.”
“MSPs have to balance a need for speed and convenience when it comes to being able to respond to clients with ensuring the right security controls are in place,” said Joshua Dunn, incident response practice lead at Beazley subsidiary Lodestone Security. “Too often, speed and convenience win out over security controls.”