Over the past few years, ransomware has really taken over. First our computers, then news headlines, and now our TVs. This popular threat has been popping up on TV shows everywhere, including Mr. Robot, Black Mirror, and more recently, Grey’s Anatomy.
The recent Grey’s Anatomy show highlighted the scary realities of a hospital network being held ransom. With a wide variety of IoT devices in the mix, patients’ lives were put on the line as the hospital battled to get the network up in running again. While a ransomware attack may not surprise you as an IT service provider, this episode helped put this dangerous cyber threat in perspective for people who may have underestimated it in the past.
An opportunity for MSPs
These shows, paired with recent news stories, are a great way to start a conversation with your SMB customers about cybersecurity and what measures they can take to keep their data secure. While many of your customers may have already fallen victim to an attack or know someone who has, it is important to continually educate them about security best practices. Here are four things you should discuss with your SMB customers:
- There is no magic bullet. Threats can enter networks in a number of different ways. To mitigate risks, deploy robust solutions to secure multiple threat vectors, such as email security and a next-generation firewall. You also need to secure web applications, remote users, and the network perimeter.
- Educate users on how to detect common email threats. Phishing attacks and spear phishing attacks continue to evolve, and most are hard to detect. Educate your SMB customers on how to identify phishing attempts and protect their organization from these threats.
- Keep systems updated and change default passwords. It only takes one vulnerability to leave a backdoor open for a hacker, and not changing default passwords on devices gives hackers an easy way in. Often, businesses will wait to implement a patch because they are worried about how it will react in their environment. However, attacks like WannaCry show that you shouldn’t wait too long to implement a routine patch. Keeping systems up to date helps close any cracks in the foundation of your network.
- Test the validity of your backup sets often. Educate your customers about the importance of a good backup and recovery plan and how it can save them from paying hefty ransoms. The backup set is only as good as the restore, though, so be sure that critical data is backed up frequently to meet short recovery point and recovery time objectives.
Potential security pitfalls
One potential downside to all this exposure is that as the buzz around cyberattacks increase, the more we become desensitized to the severity of these attacks. Unfortunately, many SMBs believe they are too small to be the victim of a cyberattack, however, 70 percent of ransomware attacks target small businesses.
Start talking to customers about ransomware now. This can help you navigate the conversation smoothly and avoid some bumps in the road. After all, ransomware shows no sign of slowing down—so now is the best time to start a conversation with your customers.
Photo: ABB Photo / Shutterstock.