MSP Ransomware Preparedness Assessment

MSPs and the channel community can whitelabel our ransomware preparedness assessment to help their customers proactively address ransomware security gaps.

Learn More

MSPs were the most targeted industry by ransomware attacks in 2021.

According to Check Point Technologies (source)

Ransomware Preparedness Assessment

Validate Ransomware Defenses

The most talked about cybersecurity subject in 2021 might be Ransomware. The number of attacks skyrocketed and the money paid out to criminals followed suit. Companies being targeted in these attacks range from small mom-and-pop shops to large conglomerates that can effect an entire nation’s economy (we’re looking at you, Colonial Pipeline). The rise in popularity is likely due to the economics of ransomware attacks – successful campaigns are demanding upwards of $5M and sometimes receiving it.

How would you and your customers do against a ransomware attack? This is the question our Ransomware Preparedness Assessment looks to answer. As with all of our services, we only sell via the channel and therefore allow our partners to whitelabel the ransomware assessment.

What Does a Ransomware Preparedness Assessment Evaluate?

Endpoint Defense Against Specific Ransomware Strains

Security Controls Related To Ransomware

Response and Recovery Capabilities

External Network Security Posture

Internal Network Security Posture

Technical Controls Related to Social Engineering Attacks

Ransomware Preparedness Assessment Methodology

Our whitelabel Ransomware Preparedness Assessment enables the channel to deliver a service to proactively address ransomware security issues and concerns. This assessment uses a unique five-phased approach that provides quantifiable data about how a companies cyber defenses would hold up to a real ransomware attack.

Phase 1: Ransomware Simulation

The assessment begins with a ransomware simulation. This allows an organization to test their security controls against common and prevalent ransomware strains. This will help validate security investments & configuration, while also determining what attacks they are vulnerable to & how to fix any gaps or misconfigurations in their security posture.

Phase 2: External Network Penetration Test

For a threat actor to successfully deploy ransomware, they must first gain initial access into the environment. Our team will evaluate your external attack surface to identify any vulnerabilities or misconfigurations that might allow an attacker to pivot into the internal network. This includes the use of popular automated tools, but a majority of our time is spent doing manual work. Our report will detail any findings while also providing actionable remediation steps to fix any issues. Read more about the details of our external network pentest here.

Phase 3: Spearphishing Assessment

Another common way to gain initial access into an environment is phishing or spearphishing.  Attackers can often leverage public information to create tailored and compelling emails while impersonating a trusted person or organization. Unlike automated email phishing solutions, our assessment goes beyond tracking “clicks” to determine the impact to the business. This allows us to determine technical controls that could help reduce the impact of a phishing attack.

Phase 4: Internal Network Penetration Test

Once an attacker gains access to the internal network, they will attempt to laterally move across the environment so that they can encrypt multiple machines & the data on them. The more machines the attacker is able to access, the more leverage they have to demand a larger ransom payment. Our internal network pentest will identify vulnerabilities and misconfigurations that may allow privilege escalation and lateral movement. The report will detail any findings while also providing actionable remediation steps to fix issues. Read more about the details of our internal network pentest here.

Phase 5: Ransomware Risk Assessment

The final phase is a risk assessment includes remote interviews with up to 3 technical individuals/teams to assess critical controls, tools, and processes that can mitigate the impact of a ransomware attack. The key topics have been identified as high priorities for both security and cyber insurance reasons. The topics include multi-factor authentication, endpoint security and monitoring, patch management and vulnerability scanning, as well as privileged access management.

Contact Us

Get in touch to explore how we've worked with other MSPs to deliver ransomware preparedness assessments to their customers.

Ransomware Spotlight Series

Get up-to-date analysis and notifications about different ransomware strains.