CrowdStrike Report: Ransomware Surges
CrowdStrike, an Austin, Texas-based cybersecurity company, has unveiled a new research report detailing an 82% increase in ransomware-related data leaks. The company’s 8th annual Global Threat Report also outlines new operations and techniques from Iran, China, Russia and North Korea.
The report documents both the continued evolution of nation-state affiliated and criminal adversaries, as well as the increased sophistication, velocity and impact of targeted ransomware, disruptive operations and cloud-related attacks in 2021. Among the highlights, financially motivated eCrime accounted for nearly half (49%) of all observed activity. CrowdStrike Intelligence observed an 82% increase in ransomware-related data leaks in 2021, with 2,686 attacks as of December 31, 2021, compared to 1,474 in 2020.
CrowdStrike Intelligence saw on average over 50 targeted ransomware events per week with demands averaging $6.1 million per ransom, up 36% from 2020.
Adversaries are increasingly exploiting stolen user credentials and identity to bypass legacy security solutions.
Iran-based adversaries adopt the use of ransomware as well as “lock-and-leak” disruptive information operations – using ransomware to encrypt target networks and subsequently leak victim information via actor-controlled personas or entities.
In 2021, China-nexus actors emerged as the leader in vulnerability exploitation and shifted tactics to increasingly targeting internet-facing devices and services like Microsoft Exchange. CrowdStrike Intelligence confirmed China-nexus actor exploitation of 12 vulnerabilities published in 2021.
Russia-nexus adversary COZY BEAR expands its targeting of IT to cloud service providers in order to exploit trusted relationships and gain access to additional targets through lateral movement. Additionally, FANCY BEAR increases the use of credential-harvesting tactics, including both large-scale scanning techniques and victim-tailored phishing websites.
The Democratic People’s Republic of Korea (DPRK) targeted cryptocurrency-related entities in an effort to maintain illicit revenue generation during economic disruptions caused by the COVID-19 pandemic.
The findings are useful to channel partners seeking to mature their security strategies and defend their clients against cyber threats.
AvePoint Enhances Global Partner Program
AvePoint, A New Jersey-based SaaS and data management platform provider, has announced enhancements to its global partner program for MSPs, VARs, cloud consultants and DevOps partners.
In addition to training/enablement, and 24/7 live support, AvePoint is introducing a partner certification program for engineers, pre-sales teams, and product specialists. It includes technical and sales tracks to help partners understand how to administer secure collaboration environments and enable them to design custom cloud solutions. Certifications will also signal a differentiated level of expertise in AvePoint’s industry-leading technology, helping them to source more business and exceed competitors.
The company has also formed a Partner Technical Advisory Council (PTAC) comprised of strategic Invested Partners from around the globe. The quarterly PTAC meetings will help bring AvePoint’s global technical resources and Invested Partners together to strategize innovative solutions that help end-users overcome complex transformation, governance and compliance challenges in the cloud.
Since launching the global partner program, AvePoint has ensured all updates to its enterprise-grade technology are available for partners via the Elements MSP portal. Recently, AvePoint’s leading Cloud Backup capabilities for Google Workspace and Salesforce have been integrated, which is critical as businesses increase the SaaS platforms they use for work, as well as automated risk assessment reports.
New functionality within the partner portal helps partners manage renewals and the lifecycle of their subscriptions.
“From day one, the AvePoint channel strategy has centered around anticipating the needs of our modern partners, and the partner of the future,” said Jason Beal, SVP Global Channel and Partner Ecosystems. “The new certifications program and partner renewals automation are two examples of our constant evolution to understand and best service our partners.”
By the end of 2021, AvePoint had over 2,800 total partners, of which, over three quarters were active MSPs. In addition, as reported in 3Q earnings, AvePoint experienced triple-digit growth in monthly recurring revenue from the AvePoint Elements Managed Services Platform.
The enhancements are intended to provide partners with the right technology and tools to capitalize on collaboration security revenue opportunities.
SmartPM Unveils New Consulting Partner Program for Construction Vertical
SmartPM Technologies Inc., which markets a schedule analytics and project controls solution, has rolled out its new consulting partner program.
Headquartered in Atlanta, the company launched its Schedule Optimization Platform in 2019, designed specifically for the construction industry. The cloud-based offering infuses project management software with essential data from the construction schedule and then analyzes it with proprietary technology, automating schedule analysis while extracting insights to reduce delays and overruns.
“While consultants often view software as competition, SmartPM’s Consulting Partner Program enables consultants to provide even more value and services to their clients,” said Sara Giacobbi, Vice President of Customer Success at SmartPM Technologies. “Most SmartPM clients would benefit from the consulting, basic scheduling training, and managed services that our consulting partners can offer.”
The new partner program includes basic scheduling training, product training, delay analysis, project insights, and ongoing support and monitoring for existing projects. Consulting partners will also receive customer support to expand client adoption, priority access to sales training for client growth, and co-branded marketing programs.
The first companies to join the program include Alpha Three, CDI Experts, CES Consulting, Claim Ledger, Foresight Planning and Engineering Services, Gleeds, Hendershot Consulting, and JM Consulting Services.
With benefits and resources designed to bring more value to its partner-based ecosystem, the program is expected to drive new business opportunities, deeper engagement with clients, and increased profit for partners.