For managed services providers (MSPs), malware is an unwelcome predator—one that stands to put both their customers’ reputations and their own on the line. This devastating cyberattack can come in many shapes and sizes, but the end goal is always the same: to compromise workstations, laptops, servers, or computer networks and gain access to or damage business-critical data.
According to a report from IBM X-Force Incident Response and Intelligence Services (IRIS), the first half of 2019 saw a 200% increase in malware attacks compared to the last half of 2018. Resolving and recovering from these destructive attacks is not only time-consuming—it’s also expensive. IRIS estimates that victimized organizations spend an average of 512 remediation hours to recover and lose over $200 million in the process.
Fortunately, knowledge is power. MSPs must become intimately familiar with the types of malware in existence, as well as the tactics designed to mitigate them. With these insights in hand, MSPs will be better equipped to outsmart even the most cunning hackers.
Getting to know you: the many faces of malware
Malware, short for “malicious software,” is an umbrella term for dangerous programs that cybercriminals use to target their victims. There are many different varieties of malware, including:
- Viruses are a type of malware that infect, delete, and corrupt files
- Worms are network malware that infect multiple connected devices
- Trojan horses are disguised as legitimate software and open a “backdoor” into your device for other malware to exploit
- Adware displays unwanted advertisements (pop-ups) and can open your network up to additional vulnerabilities, much like Trojan horses
- Spyware tracks passwords, credit card numbers, and online behavior
- Rootkits allow attackers to maintain privileged access to a computer or certain programs while remaining undetected
Six tactics to keep your customers’ data safe from malware
Protecting your customers’ networks and computers from attacks requires a multi-pronged approach that stops attackers at every angle. Here are six tactics to consider as you develop your security strategy:
1. Keep all systems, software, and applications up-to-date at all times
An out-of-date system means one thing: vulnerabilities. As attackers become more sophisticated and researchers become more diligent, vulnerabilities in popular software, operating systems, end-user applications, and even security software are discovered every day. Attackers wait patiently to exploit these vulnerabilities and gain access to your customers’ IT infrastructure in one fell swoop.
To combat these attackers, vendors push out new updates, also known as patches, at a rapid rate. Keeping up with these repairs for numerous customers and devices can be challenging for even the most advanced MSP. While some platforms, including Microsoft, have begun leveraging automated software updates, this isn’t universal. It’s up to MSPs to remain vigilant and leverage a sophisticated patch management system. These tools are designed to monitor for missing patches and notify admins as soon as a missed patch is identified.
With robust patch protection in motion, MSPs can rest assured their customers’ infrastructure is as up-to-date as possible.
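The monitoring step described above, as an added sketch that is not taken from any particular patch management product: it compares each device's installed versions against a minimum-version baseline and groups the findings per customer for notification. The product names, versions, inventory layout, and function names are constructed for illustration, and versions are assumed to be purely numeric and dot-separated.

```python
from collections import defaultdict

# Constructed baseline: minimum patched version per product (placeholder values).
BASELINE = {"browser": "120.0.2", "pdf-reader": "23.8.0", "vpn-client": "5.10.1"}

# Constructed inventory, shaped like what a monitoring agent might report.
INVENTORY = [
    {"customer": "acme", "device": "ws-01",
     "software": {"browser": "120.0.10", "pdf-reader": "23.6.4"}},
    {"customer": "acme", "device": "srv-01",
     "software": {"vpn-client": "5.9.12"}},
    {"customer": "globex", "device": "lt-07",
     "software": {"browser": "119.9.9", "legacy-app": "1.0"}},
]

def is_older(installed, required):
    """Compare dotted versions numerically; '5.9.12' is older than '5.10.1'."""
    a = [int(p) for p in installed.split(".")]
    b = [int(p) for p in required.split(".")]
    width = max(len(a), len(b))
    a += [0] * (width - len(a))   # pad so '1.0' equals '1.0.0'
    b += [0] * (width - len(b))
    return a < b

def audit(inventory, baseline):
    """Return (missing, untracked): installs below baseline, and software with no baseline."""
    missing, untracked = [], []
    for dev in inventory:
        for product, installed in sorted(dev["software"].items()):
            required = baseline.get(product)
            if required is None:
                untracked.append((dev["customer"], dev["device"], product))
            elif is_older(installed, required):
                missing.append((dev["customer"], dev["device"], product, installed, required))
    return missing, untracked

def alerts_by_customer(missing):
    """Group findings so each customer's admin gets one notification."""
    grouped = defaultdict(list)
    for customer, device, product, installed, required in missing:
        grouped[customer].append(f"{device}: {product} {installed} < {required}")
    return dict(grouped)

if __name__ == "__main__":
    missing, untracked = audit(INVENTORY, BASELINE)
    for customer, lines in alerts_by_customer(missing).items():
        print(customer, lines)
    print("no baseline:", untracked)
```

A plain string comparison would rank "5.9.12" above "5.10.1" and silently miss the VPN client finding, which is why the versions are compared as numbers. Software with no baseline entry is reported separately rather than treated as patched.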
2. Make email monitoring a top priority
Email is an inevitable part of business culture. It allows employees to communicate quickly and efficiently with their teams, clients, and customers alike—but on the other hand, it’s also favored by cyber attackers. According to Verizon’s 2018 Data Breach Investigation Report, 92.4% of malware is delivered via email.
For an MSP, email security is no joke. Fortunately, email security software has evolved to serve two purposes—defend against email-based malware attacks, and also ensure email continuity through a cloud-based email archive. This archive will help ensure employees have access to their email even if the infrastructure fails. From a prevention standpoint, machine learning and threat intelligence are leveraged to help identify and block email-based malware before it enters an employee’s inbox.
3. Put constructive web or URL filters into play
Web protection systems have earned a negative reputation among some companies. Employees see them as a threat to their independence and a test of their trust. In reality, these filtering systems are designed to protect and empower employees by ensuring they don’t inadvertently put their entire system at risk.
With these platforms in hand, MSPs can control, monitor, and enforce web filtering all via a single computer screen. This allows them to block potentially harmful websites that could contain malware, spyware, and other dangerous software. When employees navigate to a site, the web filtering software will identify the site, its content, and its URL all in real-time. Within a matter of milliseconds, the tool will determine whether the site can be viewed or must be blocked to comply with predefined rules and company policies. In addition, MSPs can set up a notification system that alerts administrators as soon as an employee attempts to access a blocked website. Other customizable features include time-based browsing rules, web policies specific to devices or users, and more depending on the software.
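The decision flow described above (identify the site, check it against predefined rules, apply time-based and per-user policies, alert on a block), as an added sketch that is not taken from any web filtering product. The category table, group names, policy layout, and function names are constructed for illustration, and blocking uncategorized sites is an assumption of this example.

```python
from dataclasses import dataclass, field
from datetime import datetime, time
from urllib.parse import urlsplit

# Constructed category data; a real filter would query its vendor's categorisation feed.
CATEGORIES = {"malware-test.example": "malware",
              "social.example": "social-media",
              "docs.example": "business"}

@dataclass
class Policy:
    blocked: set                                  # categories blocked at all times
    timed: dict = field(default_factory=dict)     # category -> (start, end) blocked window

# Assumption of this example: unknown sites are blocked (fail closed).
POLICIES = {
    "default": Policy({"malware", "uncategorized"},
                      {"social-media": (time(9, 0), time(17, 0))}),
    "marketing": Policy({"malware", "uncategorized"}),   # per-group exception
}

def categorize(url):
    """Classify by the host the browser will really contact, not by the raw string."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    for i in range(len(labels) - 1):              # subdomains inherit the parent's category
        category = CATEGORIES.get(".".join(labels[i:]))
        if category:
            return category
    return "uncategorized"

def evaluate(url, group, now, alerts):
    """Return 'allow' or 'block'; every block is appended to alerts for the admin."""
    policy = POLICIES.get(group, POLICIES["default"])
    category = categorize(url)
    window = policy.timed.get(category)
    in_window = window is not None and window[0] <= now.time() < window[1]
    if category in policy.blocked or in_window:
        alerts.append({"when": now.isoformat(), "group": group,
                       "url": url, "category": category})
        return "block"
    return "allow"

if __name__ == "__main__":
    log = []
    print(evaluate("https://cdn.social.example/feed", "sales", datetime(2020, 1, 6, 10, 30), log))
    print(log)
```

Matching on the parsed hostname rather than the raw URL text matters: in `https://docs.example@malware-test.example/` the part before `@` is user information, and the request actually goes to `malware-test.example`.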
4. Educate customers on the risks and warning signs
Effective cybersecurity is a community responsibility. But to truly build a culture of security, education is key. In a survey of attendees at the 2017 Black Hat security conference, approximately 84% of respondents whose company had experienced a cyberattack attributed at least part of it to human error.
MSPs must empower their customers with the insights they need to make smart, secure decisions day-in and day-out. This can involve explaining what malware is, how it works, and what red flags customers should keep an eye out for. Malware pop-ups or emails may contain text like, “CONGRATULATIONS! Your banner ID #12345 has won an hourly contest. Click here.” They can also be subtler and more convincing, posing as Windows or another trusted provider seeking your login details for an update. Encourage your customers to proceed with caution and always raise any suspicious content up the flagpole before clicking.
5. Put firewalls into effect
In many ways, firewalls are your first line of defense against attackers. Firewalls act as a filtration system, scanning packets for malicious code or threatening attack vectors. Should a data packet be flagged and labeled a security risk, the firewall prevents it from entering the network or reaching your computer.
Firewalls can take the shape of hardware or software. The hardware options are often built into routers to intercept traffic moving between the broadband router and user devices. Software options are programs that monitor the traffic going in and out of your customers’ computers. Due to the extensive array of cyberattacks, it can be difficult for any type of firewall to filter out each and every threat attempting to gain access. Pairing firewalls with other security programs and hardware is a must.
6. Encrypt critical files and folders
This final tactic isn’t designed to prevent malware from entering your customers’ network—rather, encryption is a way to protect your customers’ data in the event of an attack. An encryption system scrambles sensitive data using mathematical calculations to turn data into a ciphertext of unreadable characters. The original data can only be revealed with a key generated by the encryption algorithm, allowing it to remain hidden from everyone but the authorized parties. If an attacker manages to enter the network, they’ll find themselves face-to-face with a wall of meaningless jargon.
In a sense, database encryption should be redundant, only becoming necessary if access controls and other security measures fail. However, adhering too closely to this mindset is a clear vulnerability, as these other security measures aren’t failsafe. MSPs can help businesses understand that databases need additional safeguards in place.
Putting enterprise malware protection into play
As hackers become more creative and innovative in the art of attack, MSPs must step up to the plate with equally creative and innovative protection practices and policies. Patch updates, cloud email security initiatives, URL filtering, education, firewalls, and multi-layer encryption are just a few of the many ways to protect your customers’ data and safeguard your reputation as a security leader.
How you use each of these tactics is up to you as an MSP. The most important thing is to have a plan, put it in place, and get your customers on board. With the right cybersecurity strategy, 2020 has the potential to be your best year yet.