Till a few years back, ransomware attackers focused on “quantity” rather than “quality“.
We have seen several such incidents; one of the highest profiles among them was the WannaCry attack of 2017, which had hit a massive number of targets, however, claimed a small ransom from each of those targets.
Definitely, this tactic was sufficient for the cybercriminals to make money – we’ve witnessed that. But most often, it caused more trouble than it was worth, as an average set of victims haven’t had any idea of how they should pay the ransom. Hence, the attackers needed to take the extra efforts of coaching these individuals throughout the process!
So, gradually, the bad actors shifted their trends. They started to focus on high-value, targeted attacks. Rather than trying to wrest a meager ransom from many victims, modern hackers started to craft attacks and spear-phishing emails targeting broad audiences with more resources, and capable of paying a much higher amount as ransom.
And eventually, with the changing trends, the managed service industry now finds itself in the cybercrime spotlight, thanks to the news items that dominated the headlines in recent months!
Attacks On MSPs – Through The Headlines
The concern of cyber criminals gaining access to business’ networks by targeting the concerned Managed Service Providers (MSPs) is on a constant rise.
And when it comes to the set of viral headlines, a report from Reuters on China’s Ministry of State Security is the one which can’t be missed out. The news stated that hackers in China’s Ministry of State Security hacked networks of eight famous MSPs to steal commercial secrets from their customers. Nothing more to say, but the victims’ names will clarify the seriousness of the issue – Ericson and U.S. Navy shipbuilders!
Following this, there was another significant report on an MSP based in California, which was hit by a severe ransomware attack and paid a considerable sum of a ransom in a bid to restore its operations. Same as this was the case of the MSP Synoptek, which was hit by the most dangerous Sodinokibi ransomware.
Another most frightening episode was a coordinated ransomware attack operated by unknown predators, on around 22 governmental entities of Texas city, the USA. The months of investigations led by state and federal authorities detected that the criminals used MSPs as an entry point to the community networks.
And thus goes the stories…
The cases mentioned above are just a few from the notable ones of cyberattacks on MSPs. But here arises the next concern – “why always MSPs?”
Why Are MSPs Targeted?
With an uncontrollable rise in the number of cybersecurity incidents, it becomes a lot easier for MSPs to sell cybersecurity services.
But still, a rising concern is around cybercriminals who gain access to diverse business networks by targeting the MSPs that support those businesses. This is a sophisticated tactic followed by the attackers, as breaching a single MSP’s systems will open a door for them into all of the networks that particular MSP supports.
From an attacker’s perspective, will that be a lot easier than breaking into each business’s network individually?
So, While Choosing MSPs…
According to experts, attacks on MSPs won’t be slowed down anytime soon. So, while SMEs (Small and Medium Enterprises) depend upon MSPs, they need to ensure that the respective MSP substantiates this list of measures.
- Secure Configuration – Managed Service Provider must have a robust security governance framework. In the EU, SMEs require an MSP that satisfies GDPR (General Data Protection Regulation), HIPAA ( Health Insurance Portability and Accountability), and PCI DSS (Payment Card Industry Data Security Standard). Similarly, know the security standards demanded in your area and make sure the MSP functions complying with those standards.
- Security Maintenance – Meeting the security standards alone will not protect the MSP. The security team of MSP must secure the operations, and frequently check for any possible attacks. They must be ready to face and prevent any IT attacks, at any time.
- Employee Awareness – MSPs employees must have a vast knowledge of cyberattacks and cybersecurity. In several cases, data breaches occur in MSP through human errors. So, MSPs need to have highly qualified, expert, and trustworthy employees to carry out operations efficiently.
- Foresightedness on Cyber Threats – MSPs should design and develop their services with total security in mind. They must include cybersecurity measures to prevent, not only the current form of attacks but also the upcoming, advanced ones.
- Responsibility on Data – Even if MSPs satisfy all the security measures, the prudent cybercriminals may sometimes penetrate the systems. Therefore, MSPs must have an agreement stating their responsibilities for company data.
Select an MSP that satisfies all the criteria mentioned above. Along with that, remember to test and ensure your systems are appropriately secured every time. After all, the assurance of your safety is your responsibility.
For more guidance and services regarding cybersecurity, you may contact Cybernetic Global Intelligence – an accredited PCI DSS QSA Cybersecurity Company. Call 1300 292 376 or drop a mail to Contact@cybernetic-gi.com, for instant assistance.