Cybersecurity Trends for MSPs to Watch in 2022 | #emailsecurity | #phishing | #ransomware | #education | #technology | #infosec


As the curtain came down on 2021, our friends over at Norton came up with a list of 115 cybersecurity statistics and trends to know.

Author: Adi Pick, SEO content marketing manager, Atera

But what’s ahead for MSPs that are navigating the cybersecurity market? We’ve summarized 10 of the most relevant cyber statistics for individuals and SMBs to know in 2022, so you can show your IT provider some love, and make sure you and your loved ones have a happy and cyber-safe year!

1. Over 75% of targeted cyberattacks start with an email

That’s right, as much as you’d love to believe that email telling you you just won an all-inclusive cruise to the Bahamas, or the Nigerian prince begging you for just a few dollars (and maybe your bank account information), tread with caution.

In the unfortunate event that you were to receive this kind of email, don’t send them any money or give them your bank info, no matter how sad (and believable) their story is, or appealing the reward they promise is.

If you’re ever in doubt whether an email is legitimate or spam, make sure to not click the link through the email, but rather open up the website yourself on your browser.

2. Since the COVID-19 pandemic began, the FBI has reported a 300% increase in reported cybercrimes.

As if living in lockdown amidst a global pandemic wasn’t bad enough, cyber-criminals have weaponized COVID-19 through fake news, scams, and phishing websites, all of which are at an all-time high. Phishing websites are often difficult to spot, and many of them take advantage of the pandemic by preying on the goodwill of businesses, such as leveraging fake websites offering free trials or giveaways, while stealing data or executing malware attacks once users click on the link.

With work transitioning from suits to pajamas, we’ve all been a part of quite a few Zoom calls. But, were you aware that there are more than 500,000 Zoom credentials for up sale on the dark web? Exploits that mirror the way that Zoom installs but actually contain malware are also unfortunately becoming more popular.

But just because cybercrimes are on the rise, doesn’t mean you or your clients have to fall prey to them. By educating your clients to look out for the warning signs of potential cybercrimes, like offers that are probably too good to be true, attachments that are suspicious, awkwardly incorrect English, and email addresses that look almost right, can do wonders in terms of staying safe.

We also love the Atera integration with Acronis, which improves the efficiency of your IT teams’ ability to manage Cyber Protection services across hundreds or thousands of endpoints.

3. Only 13% of consumers use a VPN to protect their online privacy.

A VPN—a virtual private network—extends over a public network and allows you to share and receive data as if you were directly connected to a private network.

It is one of the best methods of protection you should seriously consider when using a public wifi network, or a router you don’t trust.

You can get access to a VPN through several companies such as Norton, NordVPN, ExpressVPN, and others for a very small fee. Starting at just $7.99/month with Norton’s VPN service, there is no real reason to not use a VPN as protection.

If you need more convincing why a VPN is important, check out this funny commercial we came across.

4. Business email compromise or email account compromise internet crime victims experienced a loss of $1,866,642,107 in 2021.

Based on the first three statistics of this article, this one should not really come as a surprise.

So besides the usual suspects of how to help protect you and your clients from email-related cybercrimes, we’ll let you in on a little secret: here at Atera, we chose to partner with Webroot for cybersecurity, as well as Bitdefender to stop threats before they result in data breaches.

The Webroot platform has strong Identity and Privacy features, guarding against even very convincing phishing scams. Not to mention Webroot’s state-of-the-art technology does not rely on known signatures, but rather also protects against anything aberrant.

5. 70% of online fraud is accomplished through mobile platforms.

Given that we use our phone devices for everything from online banking to ordering coffee, it makes sense that more and more fraud will take advantage of our smartphones, leaving companies exposed to data breaches, incidents of unauthorized data access, and heightened security risks.

MDM stands for ‘Mobile Device Management’, and refers to the management, monitoring, and securing of corporate or personal mobile devices like smartphones and tablets, often by using MDM software. MDM enhances corporate data security because it allows MSPs to control and distribute standardized security policies to devices that are party to sensitive corporate data.

By using MDM software like Atera for example, MSPs and IT managers are able to minimize security risks because they are able to control and protect the data of all mobile devices in a network.

6. 37% of organizations were hit by ransomware last year.

More than one-third of organizations were hit by ransomware in 2020—like the famous SolarWinds attack of Spring 2020—and the most popular way for cybercriminals to launch malware and ransomware attacks is by phishing.

In order to protect your business and clients from phishing and ransomware attacks, you can remind them of the following protocols:

  • Be extra cautious when receiving emails from unknown senders, especially if they come with attachments.
  • Look out for strange spelling errors like subbing a zero for an o, and other grammatical mistakes, as they’re often signs of a scam.
  • Use the hover function to check the URL of the link that’s in the email. If it is not the same as the email URL, do NOT click it!
  • Never provide any confidential or financial details by email, even if you’re 1000% you’re emailing the person you think you are.

7. On average, only 65% of the encrypted data is restored after ransoms are paid.

You know what would suck? Being hit with a ransomware attack, pay the hacker, and still not get your data back. Ouch.

But have no fear, robust MSP software is here!

With vigorous MSP software, you can extend your data collection and protection to new heights, all while knowing your data is stored safely and remotely, but you can access it whenever you like.

To prevent data breaches, you’ll need to invest in the security of your customer’s information and your business’s data. There are several strategies you can implement to prevent data breaches, including the following:

  • Use authentication: Your database should be equipped with as many security features as possible. If you can use authentication processes, set them up to ensure only authorized users have access to customer information.
  • Implement remote monitoring and management (RMM) software: RMM software basically snoops on your database at all times.
  • Change passwords frequently: Encourage all database users to employ the best password practices and to change these passwords frequently.

8. 55 million consumers were victims of identity theft in the past year.

There are many ways that cyber criminals access personal data in order to conduct identity theft, such as:

  • Weak or stolen passwords
  • Lack of employee of proper security measures
  • Application vulnerabilities and back doors
  • Sharing sensitive information when using a public wifi network
  • User error and improper configuration of security measures

So, how does one minimize the risk for cyber-induced identity theft?

  • Use a private VPN when using an open wifi network
  • Never leave remote work devices unattended in areas they can be stolen or picked up easily, even if just for a few minutes
  • Keep devices updated as many updates include enhanced measures for security vulnerabilities found in their software
  • Always use a security software or antivirus software you trust
  • Create passwords that include both uppercase and lowercase letters, numbers, and symbols, and don’t reuse the same passwords
  • Don’t click on a link asking for sensitive information, but rather open up that application or website yourself in your browser

9. More than half of all cyberattacks are committed against small-to-midsize businesses.

As much as we’d like to believe that no one would try to hack our small, independent business, Norton’s report states otherwise.

So, how can we stay protected against these attacks?

A great idea that is really actionable as an MSP (and was brought up on an episode of MSP Minds), is to have your employees or clients sign a do’s and don’ts form! This could include anything from “don’t plug in foreign USBs” to “do use a password manager to not reuse passwords” to “don’t write your passwords on a post-it and leave it on your desk!”

Educate your clients to look out for the warning signs of these kinds of scam, like attachments that are suspicious, typos, grammatical errors, or to anything that appears too good to be true (hint: it probably is).

10. One in five adults in a romantic relationship believe their partner is at least somewhat likely to plant stalkerware on them.

Firstly, if you make up one of the 20% who think their partner may be using technology to spy on them, we encourage you to seek professional help, that is not okay and you absolutely deserve better than that.

Second, according to Norton, nearly one in 10 adults who have been in a romantic relationship (8%) used an app to monitor a current or former romantic partner’s device activity.

Most stalkerware apps, as you probably suspected, are concealed or camouflaged in some way.  But many stalkerware apps also use misleading app titles or icons, like “Battery Saver” or “System Services.” Prior to Android version 11, apps could even be configured to hide their app icons from the home screen altogether, making it extremely difficult to know whether any stalkerware apps were installed on your device.

The good news is that there are several steps you can take to ensure your mobile device is stalkerware-free.

  • Uninstall any app that you don’t recognize
  • Upgrade to Android 11 or a later version, if you’re an Android user
  • Install a security app to monitor your device, that will scan for potentially unwanted apps and flag them for you

Protecting our MSPs in 2022 and Beyond

While cybercrimes become more and more prevalent, protection against them is also experiencing advancements.

Whatever your fears are when it comes to protecting your own business and your clients in 2022, we want you to know that we’re here to help!

If there’s a particular feature you’d like to see as part of your Atera subscription that we don’t currently offer, let us know!

May we all have a happy and (cyber) safe new year!

Author Adi Pick is an SEO content marketing manager at Atera. Read more guest blogs from Atera here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.


Source link