Security MSPs are dealing with a huge spike in ransomware attacks as a result of cybercriminals exploiting the COVID-19 crisis.
As part of CPI's DeskFlix episode on cybersecurity, which can now be watched on-demand here, security experts from leading players including Arkphire, Atea and NTT Ltd revealed the inventive ways in which cybercriminals are weaponising the COVID-19 crisis.
With a huge portion of the European workforce being asked to work from home almost overnight, cybercriminals have taken advantage of unprotected devices and used social engineering techniques to force their way into company networks.
Even industry giants such as DXC Technology and Cognizant have fallen victim to large scale ransomware attacks, with the latter expecting losses of up to $70m due to the incident.
Speaking to CPI NTT Ltd's SVP of cybersecurity in Europe, Stefaan Hinderyckx, said that the frequency and gravity of ransomware attacks has spiked over the last six months, bringing whole organisations to their knees.
Hinderyckx said that sending employees home with just 48 hours' notice has meant that most workers are using laptops that are ill-equipped to protect the user from malware.
A combination of weak endpoints, clever social engineering techniques and the creation of COVID-19 domain names led to a spike in malware and ransomware attacks so far this year.
"There's a lot of R&D going on on the dark side to actually use COVID to create fear and anxiety within the population," he said.
"Because of COVID, the click rate has increased, which has led to more ransomware launchers being downloaded to endpoints. An additional complication is that people have been sent home very rapidly. In Belgium it was within 48 hours that people had to go home and the lockdown became a fact.
All of that has increased the number of ransomware attacks, but also the gravity of them. More serious stuff is happening, like whole companies going flat because of that. So there's definitely an impact that our analysts are seeing from our managed security services operations that we run across the globe."
Meanwhile the leader of Atea's incident response team, Vegard Kjerstad, said that statistics show that remote access tools are becoming a more common point of access for cyberattackers than usual methods such as emails.
"When it comes to remote access, this is one of the ways in. remote access connections are heavily misused. A lot of statistics are saying that remote access is more commonly used than emails for these ransomware attacks. In the end they are one of the main administrators and they steal information, and threaten to sell information.
"And the ransom fees are increasing rapidly. So I was really afraid of a lot of easy remote access solutions, so we actually did a lot of customer work to check scanning their perimeter solutions and helping them improve and be preventative."
Click here to register and watch the full DeskFlix episode on-demand for free.
Private equity firm KKR buys partner last acquired in 2015 for just $190m
We dissect the details of the Nordic reseller’s Q2 figures
Swedish reseller says Centralpoint acquisition will raise turnover to approximately €2bn
US MSP leaders from Verteks Consulting, Assured Data Protection and Iconic IT confirmed for CPI Inside Track US
CPI to hold virtual MSP event on 22 April, bringing together channel leaders from across the US managed services market
The transaction is expected to add around €8m in annual sales for the Nordics systems integrator
Confirmed MSP leaders from across the United States will discuss what forces will shape the managed services market in America this year
The deal will allow the cloud provider to grow its global presence
The software vendor claims its taking a 'quality over quantity approach' with new channel engagement strategy, which launched this week
Channel analyst says a strong rebound in China’s domestic economy was not enough to overcome a difficult year