Protecting MSPs from Cyber Attacks

Written by Netsurion Guest Blogger
March 19, 2019

Eliminate the domino effect from MSP compromise that can damage reputation and trust across a portfolio of your hard-earned clients.

As a Managed Service Provider (MSP) offering IT infrastructure and end-user systems, your clients rely on you with their valuable assets, sensitive data and intellectual property. MSPs are often viewed as trusted advisors that augment their customers’ teams and therefore often have the keys to the kingdom in the form of privileged access to their systems and servers. MSPs are also vital players in the global supply chain with their clients across all verticals such as retail, wholesale, regulated industries and critical infrastructure. A compromise in one MSP can propagate to other clients and organizations, creating a domino-like chain reaction if not adequately mitigated.

What security best practices can MSPs utilize to avoid becoming a headline?

Why MSPs Make Attractive Targets

Attackers target MSPs for one of two reasons: to make a political statement or, more likely, to acquire valuable intelligence and confidential business data to use or monetize. With over 35,000 MSPs worldwide, there are ample candidates to attack by identifying security gaps and vulnerabilities. Successfully breaching one MSP is efficient for attackers who gain access to hundreds if not thousands of clients; persistent adversaries may also target a specific government or large corporation and hope MSPs are the “weakest link” in the attack chain.

MSP Vulnerabilities Continue In 2019

Despite the previous DHS alert to MSPs regarding adversaries trying to infiltrate service providers, industry incidents this year include:

Ryuk ransomware hit a California-based cloud and data center provider along with thousands of its customers.
Hackers infiltrated a Norwegian managed service provider with 850,000 global clients and compromised credentials and logins.
Nine service providers in Australia experienced attacks from threat actor APT-10, according to warnings by the Australian Cyber Security Center (ACSC).

So, how can you avoid a damaging breach? We recommend adopting these strategic and tactical approaches to service provider security to protect your brand reputation and customer loyalty.

Protect MSP Networks and Assets

Service providers should embrace both strategic and tactical approaches to a layered approach to security. While there is no silver bullet to prevent data breaches, there are actions to deter cybercriminals, demonstrate compliance and implement security best practices.