The channel has been warned it cannot afford to neglect security and data backup as cyber threats continue to evolve and MSPs and resellers remain ransomware targets.
Concerns that channel partners are not taking security seriously enough were highlighted a couple of weeks ago, with DNV Cyber research indicating that only around half of those professionals working in critical infrastructure felt confident they had full visibility of the security vulnerabilities their supply chain exposed to their business.
Following on from that type of research and a noted shift towards malware-free attack techniques reported by CrowdStrike’s 2025 Global threat report, the pressure is on the channel to make sure it’s taking steps to protect its own operations and customer data.
“Cyber threat actors are constantly looking to leak data, whether it be through endpoint weaknesses, unclean cyber hygiene practices, or just constantly wearing down businesses with relentless ransomware attempts,” said Mark Appleton, chief customer officer for Also UK. “The advent of AI [artificial intelligence] has taken this one step further; AI has redefined security in many ways, but has also strengthened attack efforts – not necessarily in the quality of attacks, but definitely in the quantity businesses face.
“When it comes to covering your assets, ensuring business resiliency with a robust data backup can be the difference between ransomware attacks crippling your business for good, or staying afloat against relentless attacks,” he added. “This is especially important when managing several backups at once, as failures can easily go unnoticed until it becomes a critical issue, which at that point has become too late to fix.”
Appleton advised MSPs to invest in the tools that were keeping ransomware attacks at bay to make sure they didn’t fall victim to attack.
“Confidence in your recovery solution being able to protect digital assets in the event of a ransomware attack is key,” he said. “This means not just reacting to the most major attacks, but constantly staying vigilant for the minor ones that might be causing damage just under the surface. MSPs in particular need a unified recovery approach that accounts for scaling to business sizes, and protecting and governing data across many silos, all without skimping on service.”
Remote ransomware
Ransomware attacks continue to evolve, and last month, Sophos X-Ops noted a 141% increase in remote ransomware since 2022, and a 50% increase since 2023. The supplier warned that it was becoming popular for criminals to try to use unmanaged and unprotected devices across the network to target victims.
Sophos advised active asset management, identifying unmanaged machines, using tools to monitor file contents and transfers over the network, and practicing good cyber security hygiene.
Chester Wisniewski, director and global field chief information security officer at Sophos, said it meant even more care had to be taken when securing an extended infrastructure.
“Remote encryption has now become a standard part of ransomware groups’ bag of tricks,” he said. “Every organisation has blind spots and ransomware criminals are quick to exploit weaknesses once discovered. Increasingly, the criminals are seeking out these dark corners and using them as camouflage. Businesses need to be hyper-vigilant in ensuring visibility across their entire estate and actively monitor any suspicious file activity.”