IT Nation Panel: Ransomware Is The Biggest Challenge Facing Security Firms

Ransomware has become the most nefarious challenge for security vendors today because of the inability of existing technologies to remediate once the damage has been done, panelists at ConnectWise's IT Nation agreed Thursday.

"Ransomware is just something that you can't clean up," said Marin Kleczynski, CEO of San Jose, Calif.-based Malwarebytes. "It's gotten to the point where the FBI director basically said, 'Just pay the ransom.' "

Even though the frequency of ransomware attacks hasn't much changed, the increased severity of these breaches has made it the most vexing issue facing partners and end users of San Diego, Calif.-based ESET NA, Stephen Cobb, the company's senior security research, said during a breakout panel at the conference in Orlando, Fla.

[Related: ConnectWise To Bring Four Technologies Together On Single Platform]

Sponsored post

"Just one of those [attacks] is a big problem, because it is so terminal if the person doesn't have backup," Cobb said.

Despite Malwarebytes' priding itself on having a great remediation product, the vendor has become more concerned as the ransomware attacks grow in size, Kleczynski said. This has prompted Malwarebytes to commit to building a product designed specifically to remediate the danger from ransomware, Kleczynski said.

"We need to build a silver bullet for it," Kleczynski said. "There's just no way you can approach it the way that Malwarebytes has in the past."

Although Kaspersky and other vendors have released keys that can clean up and decrypt some of the most common encryption algorithms, Kleczynski said new attack vectors keep popping up all the time. That's why Malwarebytes is looking to find something to remedy all ransomware attacks.

For now, though, Kleczynski urged partners and customers not to reward bad behavior by paying the ransom. Still, he acknowledged that telling customers without backup that their digital heirlooms are gone forever can be extremely difficult.

Short of a cure, Cobb said, the best thing vendors and MSPs can do is aggressively push backup offerings. ESET has done a lot of education around backups on both the consumer and commercial sides of its business, according to Cobb.

"Every business should have a good continuity backup strategy in place, and [ransomware] is one area where it's the last line of defense," Cobb said.

Cobb noted that backup is also vital for business continuity in the event of a fire or natural disaster.

"Security wasn't just always about criminals," he said.

Ransomware has helped drive the monetization of malware from being primarily a tool for information espionage to being a big business in its own right, with kits sold on the black market to help facilitate even more vicious attacks, according to Hal Lonas, chief technology officer at Broomfield, Colo.-based Webroot.

Ransomware has become the single biggest source of time and worry for Factory IT, according to co-CEO Zach Huseby, given the impact a successful attack would have on his company's reputation.

"If you lose data, you lose clients," Huseby said. "You're better off paying [for backup] than not being able to recover anything at all."

For this reason, backing up customers has become the single most important thing the Jackson, Wyo.-based ConnectWise partner does for its customers on a day-to-day basis, Huseby said.

But not all MSPs have followed Factory IT's lead, said Huseby, who continues to see competitors employ low-quality backup solutions and risk losing everything should a ransomware attack successfully strike.