As Conti Ransomware Rises, Targeting Backups, MSSPs Must Stay Alert

Cyber criminals are targeting data backups and managed security service providers need to remain alert. On Wednesday, Advanced Intelligence, a cyber-risk prevention firm, published a report showing that the Conti ransomware gang has its eye on backups.

Conti is considered a ransomware-as-a-service (RaaS) variant; however, there is a variation in its structure that makes it different. It’s likely that Conti developers pay their deployers a wage rather than a percentage of the proceeds used by affiliate cyber actors. In addition, they get a share of the proceeds from a successful attack. The group has gotten especially adept at targeting Veeam platforms, the report says.

When it comes to Advanced Intelligence’s findings, by the way, Veeam disagrees.

Veeam’s Rick Vanover

“The [advice] is too limited in its specifics and does not align to the advice Veeam provides customers and partners,” Rick Vanover, senior director of product strategy at Veeam, told Channel Futures. “There are more options than ever to keep backup data safe with Veeam (including air-gaps, offline backups and immutable options) which are not addressed.”

Overall, Palo Alto Networks says, “Conti ransomware stands out as one of the most ruthless of the dozens of ransomware gangs that we follow.”

As all types of ransomware present ever bigger problems for enterprises and their channel partners, the slideshow above looks at some new reports on the topic, and a couple new backup products built to help users avoid breaches.