Report predicts continuing MSP ransomware losses

Third annual report analyses 2021 MSP security trends; Issues predictions and recommendations for 2022.

  • 1 year ago Posted in

ConnectWise has released its 2022 ConnectWise MSP Threat Report - the MSP industry’s most comprehensive guide focused on cybersecurity. In its third year, the report includes analysis of major MSP-related security events and trends from 2021 and top predictions for 2022, including a continued rise in MSP-focused ransomware attacks and increased cooperation among governments to combat cybercrime. 

In addition to predictions of increasing ransomware attacks and more cybersecurity legislation, the following are key findings from the 2022 ConnectWise MSP Threat Report:

The market will see an evolution of a "super-MSP” - MSPs that have joined together, through mergers and acquisitions, as a result of private equity with deep financial pockets that have entered the channel. Cybersecurity has always been a focus for MSPs, but it will be more critical than ever moving forward. 

The SMB market is predicted to spend more in 2022 with a need to make significant investments in cyber detection, response and automation. As a result of growing success by law enforcement to track and shut down malicious actors in 2021, multiple threat actor groups changed their tactics to stay under the radar. ConnectWise predicts that ransomware operators will continue to shift focus on mid-tier organisations that are capable of decent-sized payout, but will not get as much public attention when compromised.

The ConnectWise Cyber Research Unit (CRU) - a dedicated team of threat hunters and researchers that identifies new vulnerabilities in the MSP industry - collected data regarding 500 cybersecurity incidents from MSP partners and their clients. Of those 500 incidents, 40% were related to ransomware. The report also revealed that there was a 10-15% increase in ransomware incidents by quarter, with 56% of all incidents occurring in the second half of 2021. 

For a comprehensive view of findings, download the full report here: https://www.connectwise.com/resources/ebook-2022-msp-threat-report

The 2021 report released by Perch Security, which was acquired by ConnectWise in 2020, accurately predicted that ransomware attacks would continue to become even more MSP-focused. MSPs are a far more lucrative target than individual businesses due to the potential to ransom multiple companies at once, therefore ConnectWise predicts that this will be an ongoing issue for 2022. 

In an effort to drive down cybersecurity complexity, ConnectWise continues to build on its portfolio of advanced cybersecurity solutions that help detect and mitigate the increasing attacks that MSPs are experiencing. This includes solutions in the areas of SIEM, endpoint detection and response (EDR), SOC, and risk assessments.

“With the current political climate and skyrocketing reports of global security incidents, Congress is facing pressure to do more to crack down on cybercriminal activity. However, that won’t happen overnight,” said Raffael Marty, general manager, cybersecurity, ConnectWise. “This report, put out by our Cybersecurity Research Unit, serves as a powerful tool to help MSPs understand and identify vulnerabilities and guide them to make security investments that will rapidly detect and resolve potential threats to protect their businesses and their clients.”

 

In addition, the 2022 report provides a detailed timeline of major security incidents that occurred over the past year. Observations made from that timeline show that MSPs are increasingly being targeted and identifies the top five ransomware groups that the CRU observed targeting MSPs and their clients.

Notable findings from the research also show an 89% increase in endpoint ransomware attacks and a decline in malware arriving over encrypted connections.
Vanta has announced a number of new and upcoming product launches enabling customers to accelerate innovation and strengthen security.
Quest announces Security Guardian solution to reduce attack surface by preventing critical asset vulnerabilities, protecting AD configurations.
Sixty percent of organisations with on-premises solutions reveal that PAM being on-prem prevents them from reaching their goals.
The acquisition unites Conquest Cyber's advanced SaaS technologies with BlueVoyant's premier internal and external cyber defence solutions, creating a comprehensive cyber risk management platform tailored for both enterprise and highly-regulated environments.
With the integration of Imperva starting in January, Thales will help organizations discover and protect sensitive data anywhere, manage access and secure all paths to it.
Nearly all businesses (97%) have been targeted by email-based phishing attacks in the past year and two-thirds have suffered a ransomware attack – that’s according to a stark new report by leading cybersecurity provider, Mimecast, which has revealed the scale of the cybersecurity threat facing businesses today.
More than half of today’s office workers are ignoring important cybersecurity warnings due to being overwhelmed and fatigued from digital communication.