Channel partners predict more ransomware cases in the offing

Cybersecurity services providers believe the recent WannaCry ransomware outbreak could be just the dress rehearsal for bigger attacks; more news from the week.

The WannaCry ransomware outbreak may have largely spared the U.S., but channel partners and customers should remain vigilant as additional attacks are a near certainty.

That's the thinking of cybersecurity services companies in the days following the attack, which launched May 12 and affected more than 200,000 computers with ransomware cases reported in 150 countries. WannaCry ransomware is built on the EternalBlue exploit discovered last month in a Shadow Brokers dump of NSA-linked exploits. The ransomware takes advantage of a flaw in Microsoft's Server Message Block.

Zohar Pinhasi, CEO at MonsterCloud, a company that offers mitigation and recovery services for hacking and ransomware cases, said his firm received about 300 calls regarding the latest attack from companies in the U.S. compared with 3,000 to 4,000 globally. He said his company has worked on about 2,000 ransomware cases, overall, including the WannaCry attack.

The attack made a bigger impression in Europe, where the United Kingdom's National Health Service was among the high-profile victims. But the next ransomware attack will probably have a wider impact, according to Pinhasi.

"The European market was a test drive" to assess WannaCry's potential, he said. "Unfortunately, it is just a matter of time before the next wave will hit and most likely the next wave will be a much bigger wave than this current one."

James Taliento, CEO at Cursive Security, a company based in Huntington, N.Y., that provides managed security, cybersecurity advisory and training services, said he has talked to managed service provider (MSP) colleagues over the past few days and has only found one person who was dealing with a small ransomware outbreak.

Unfortunately, it is just a matter of time before the next wave will hit and most likely the next wave will be a much bigger wave than this current one.
Zohar PinhasiCEO, MonsterCloud

"I think the majority of MSPs have been very good about this," he said, noting that security-oriented MSPs have been preaching to their customers about continuous patching and vulnerability management.

The more limited number of WannaCry ransomware cases in the U.S., however, shouldn't be cause for optimism. Pinhasi said the U.S. could be hit harder in the next wave of attacks. "The future doesn't look bright and that is an understatement," he said. 

Taliento said he believes that the WannaCry attack won't be the last.

"This is just the tipping point," he said, noting the ongoing leak of hacking tools.

ConnectWise, Kaseya exchange salvos

Competition between ConnectWise and Kaseya, companies that supply business management software to channel partners, has taken a new turn.

Kaseya on May 10 said The 20, a business development group for MSPs, dropped ConnectWise's professional services automation (PSA) offering in favor of Kaseya's BMS PSA product. Kaseya's press release announcing the customer switch stated BMS "rectifies the mistakes of first-generation PSA solutions, such as ConnectWise" and also cited a migration tool feature that "specifically migrates ConnectWise customers."

This week, ConnectWise responded to Kaseya through a written statement from Adam Slutskin, executive vice president and chief revenue officer at ConnectWise.

"As you likely know, one of ConnectWise's competitors has been quite vocal in the media recently as it repeatedly denounced ConnectWise solutions and denigrated its reputation," Slutskin wrote.

Slutskin's statement also contends that a "representative from the same company is also leaving voice messages with ConnectWise partners stating that ConnectWise will be shutting down ConnectWise Automate (formerly LabTech), that it will be raising prices, and that a mass customer defection is underway."

The ConnectWise statement denies that the company is shutting down ConnectWise Automate, adding that it "does not have plans to raise prices at this time." The company also denies a mass exodus is taking place, citing 22% revenue growth for Q1 2017.

"Spreading lies and starting rumors such as the ones being circulated by one of our competitors is a despicable marketing practice and goes beyond the realm of healthy competition," the statement said.

In a written statement, Fred Voccola, CEO at Kaseya, wrote "there is no truth to the rumor that Kaseya has been spreading lies about ConnectWise or the end of the LabTech product." He said Kaseya does not "practice or condone poaching behavior that includes making up false information about our competitors."

However, Voccola said ConnectWise is no longer updating its PSA integration with Kaseya's VSA remote monitoring and management product, noting that Kaseya has been "actively informing customers of this news."

ConnectWise, meanwhile, has issued additional rebuttals in a blog post.

Report: Private clouds lead the adoption race

Everyone is in for the cloud -- well, nearly everyone. That's among the findings of a TriCore Solutions survey of more than 200 IT professionals. According to the company, 85% of the organizations it studied are adopting the cloud or are considering doing so. The survey also suggested public cloud adoption still has considerable upside: Nineteen percent of IT professionals polled said their organizations use public cloud. Forty-nine percent of the survey takers use private clouds and 32% use hybrid clouds, according to TriCore Solutions, a managed applications, infrastructure and consulting company based in Boston.

The survey also discovered that many companies seek assistance with digital transformation: "More than half of respondents rely on a cloud provider and 35% rely on a[n] ... MSP to ease uncertainty about the best -- or most realistic -- path to digital transformation."

Other news

Channel companies marketing to line-of-business buyers may need to push a little harder. A CompTIA survey of 675 U.S. businesses found that the "vast majority" of LOB buyers don't work with outside companies to implement, integrate or manage IT. The findings were released in the CompTIA report, "Considering the new IT Buyer."

SADA Systems, a business and technology consulting company based in Los Angeles, said it will provide services around Orbitera's multicloud commerce platform. SADA said it will help "customers select cloud solutions" available through the Orbitera Marketplace. Google announced the acquisition of Orbitera in August 2016.

United VARs, a global alliance of SAP channel partners, has selected Symmetry as the worldwide infrastructure partner for the alliance's SAP HANA cloud services platform. Symmetry, based in Brookfield, Wisc., will host and manage deployments of the United VARs Cloud Solution for SAP HANA. Symmetry is an application management and hybrid cloud hosting solution provider.

Channel partners will soon have a new ruggedized laptop to offer.

Panasonic debuted the Toughbook 33, a ruggedized 2-in-1 detachable laptop, which Panasonic said will be available through authorized resellers later this month.

Data protection vendor Datto named John Tippett as vice president of Datto Networking. In his new role, Tippett will look to drive the adoption of Datto's managed networking devices by MSPs. Tippett's previous roles include vice president and general manager at Aisle8.

NGDATA, a customer data platform vendor based in Gent, Belgium, said it has agreed to acquire Eccella, a data management and analytics consulting firm. Eccella, based in New York, specializes in the area of data-driven consulting and systems construction. The purchase is part of NGDATA's North American and global growth strategy, according to the company. NGDATA may make additional acquisitions. "Going forward we are definitely looking at other opportunities," said Luc Burgelman, CEO at NGDATA.

In another international deal, Bartragh Services LLC, a simulation, training and intelligence company based in Tampa, Fla., has purchased C4i Consultants Inc., a software development and training services company based in Calgary, Alta. The transaction has resulted in the launch of a new company, C4i Training and Technology Inc., which will be based in Calgary.

Dome9 Security, a cloud infrastructure security provider, launched a channel program and signed a partnership with Westcon-Comstor, a value-added distributor. The Dome9 Cloud Protection Partner Program aims to help the company create a channel ecosystem that meets the needs of enterprise customers with workloads in public cloud platforms, including Amazon Web Services, Microsoft Azure and Google Cloud Platform.

TeamViewer's collaboration products will be made available on Alibaba Cloud under a new partnering agreement. Alibaba Cloud is the cloud arm of Alibaba Group.

Market Share is a news roundup published every Friday. Additional reporting by Spencer Smith.

Next Steps

Learn how channel partners are defending customers from ransomware

Get the channel's take on differing security architectures

Find out how channel partners are dealing with security integration

Dig Deeper on Cybersecurity risk assessment and management