There are many reasons why ransomware attacks are on the rise, and why they are quickly becoming more difficult to defend against. One of the most important of these is the greatly increased attack surface that contemporary firms present to attackers, particularly in the post-pandemic era. With so many employees still working from home – many using their own computers, smartphones, and tablets – we have given attackers more opportunities to invade our expanded network perimeter. This presents risks to companies and opportunities for MSSPs to help their clients reduce and minimize these risks.
Attack techniques and targets have quickly evolved to take full advantage of this increased, and often less rigorously defended, attack surface. Socially engineered phishing attacks on employees used to account for the majority of successful cyberattacks; while they are still a common vector for transmitting ransomware, other ingress techniques are gaining popularity.
Another factor that has increased many organizations’ attack surface is the widespread practice of making their systems more accessible to customers. It’s no longer rare, for instance, to allow customers to log in to a supplier’s corporate systems directly, either to view data relating to a purchase, or to manage their own accounts. Public-facing systems of this type offer companies the ability to deliver the 24x7x365 customer experience people have grown to expect, but these types of shared-use systems also present new risks.
Every time a system is made available publicly, it invites attackers to attempt to infiltrate the system to deploy ransomware or other types of malware. This doesn’t mean using these systems should be avoided, but steps should be taken to ensure they are secure. Let’s take a look at two highly effective ways that MSSPs can help their clients secure their systems and reduce the risk of a successful breach.
Automating Your Clients’ Defenses
As with other forms of automation, automated cybersecurity solutions are becoming widely available at price points that put them easily within reach of organizations of all sizes, from major corporations to small and midsize businesses. Automated security solutions constantly monitor the “perimeter” of your systems – the point where they interact with the external world – and identify threats as they occur, in real time, shutting down malicious actions within milliseconds.
Automated endpoint defense systems are only part of the story, however. The broader value of automation in cybersecurity provides teams with more time for what they do best – strategic thinking and proactive planning. By removing the drudgery of patrolling IT systems for threats and constantly re-imaging virus-infected machines, MSSPs are able to offer a higher level of security to their clients while freeing up staff to support more clients, increasing scalability to drive more revenue and profits.
Benefits of Zero Trust Architectures
Automated cybersecurity solutions are often paired with a parallel approach to improving cybersecurity defenses, the Zero Trust model.
Zero Trust models take the standard approach to user authentication, such as multi-factor authentication, and vastly expand its capabilities. With Zero Trust architectures, no device or service is allowed access to corporate data until it proves its identity, and confirms it has previously been granted access. This means that even automated Internet of things (IoT) devices must authenticate themselves before accessing internal databases, and human users must prove they are who they say when accessing any system.
A Zero Trust approach is achievable for businesses of all sizes, especially with the help of MSSPs. Even the most well-planned and best-secured corporation is likely to have invisible gaps in its IT infrastructure, and even the smallest security hole affords a way for threat actors to penetrate systems via malware or ransomware.
Unfortunately, unauthorized ingress is a fact of life, because you can never stop 100% of all threats. Claims to be able to do so (by any vendor) should be taken with a pinch of salt. What is important is having the tools available to instantly stop attackers from being able to move around in your systems, even if they somehow manage to get around your security systems and gain entry to your network.
This is where the real value of the Zero Trust model shines: By requiring devices and users to authenticate themselves and prove who they are before being permitted to access data, you can successfully repel would-be attackers who have only one piece of the identity puzzle – such as stolen or leaked email addresses and passwords purchased on the dark web.
BlackBerry has been leading the fight against ransomware for more than a decade. With BlackBerry’s recent release of new products for MSSPs including BlackBerry® Gateway for Zero Trust Network Access and BlackBerry® Persona Desktop for continuous authentication, helping clients automate their defenses and apply Zero Trust to their environment is much more achievable.
To learn more, check out the new white paper, 10 Proactive Strategies to Defend Against Ransomware and Malware. It contains useful tips and tricks to help you protect organizations against attacks of all types.
To learn more about the BlackBerry MSSP Program, powered by solutions based on the Cylance® AI model, please visit our MSSP Program Site.
Find out more about BlackBerry and the BlackBerry Cylance MSSP Partners Program. Read more BlackBerry Cylance blogs here. Regularly contributed guest blogs are part of MSSP Alert’s sponsorship program.