Does Social Engineering Threaten MSPs?
As businesses of all shapes and sizes begin to adopt more effective cybersecurity strategies to prevent the intrusion of viruses and malware, attackers have begun to shift their approach to be more “organic” and trick victims into freely giving up the information they need. They accomplish this with a sophisticated technique called social engineering.
The most dangerous aspect of social engineering is how bad actors can manipulate victims with various offers, threats, and other tricks that fool otherwise unsuspecting users or employees into allowing access to confidential or sensitive data. As an MSP, it is critical to not only install the proper security measures to prevent social engineering attacks, but also educate your end users and prepare for the possible attack.
What is Social Engineering?
There are numerous methods of executing a social engineering attack, but the most famous and prevalent by far is phishing. According to a recent study by Digital Guardian, about 91 percent of data breaches stem from phishing attacks. Phishing attacks usually come in the form of an email, carefully crafted to look as though it is from a trusted source. However, cyber criminals are behind the scenes, trying to trick victims into downloading a malicious attachment, clicking on a dangerous link or providing sensitive information.
First, they profile their target by learning as much as they can about them through various social prospecting methodologies (such as Facebook copy and paste quizzes), then they hook their target using that prospected personal information to gain a foothold and entry point into the system. Next, they continue to expand the foothold, execute their attack and carry out their purpose. Finally, they make a swift exit without arousing suspicion by removing all traces of their presence and covering their tracks.
How Does it Threaten MSPs?
This past summer the United States Department of Justice indicted two hackers who were part of the infamous hacking group APT10. They were charged with allegedly infiltrating MSP networks via a social engineering attack to install undetectable malware associated with the victim endpoint’s operating system. Once they gained a foothold, they not only stole hundreds of gigabytes worth of sensitive data and information from the penetrated MSPs, but also used the MSPs’ information to also gain access into their client’s systems and networks.
While the aforementioned scenario is worst case, it is a good tale of warning for any MSP. Even if you have the proper security measures in place to stop malicious email messages and malware on an endpoint, cybercriminals can still bypass them as they become more innovative in penetrating your network. They can use embedded URLs or weaponized gray mail to easily bypass your filtering measures and install undetectable malware on your computer without your knowledge. All they need to do is find the perfect vulnerability in your organization.
There really shouldn’t be any doubt as to how bad actors having access to both you and your client’s networks is a terrifying thing as a business owner and individual citizen. About 66 percent of IT managers that work for businesses of 50 to 1,500 employees say their company would close down following an attack. This undoubtedly could lead to massive lost opportunity costs for the various businesses you serve. Around 22 percent of these companies even went as far as saying they would go out of business following a cyberattack. As an MSP, you can’t risk leaving anyone vulnerable to social engineering attacks.
So, you may be wondering, how do I prevent this threat?