N-able: MSPs, SME Customers Bombarded with Phishing Attempts, Ransomware

MSPs and their SME customer bases continue to be prime targets for phishing attempts, especially when it comes to ransomware.  

N-able‘s analysis of its 2022 Mail Assure data compared to 2021 showed an increase in phishing attempts over the prior year. That’s based on over 28 billion emails blocked by the cloud-based email security solution.

Specifically, phishing attempts against businesses increased from 776 million to 913 million, an 18% increase year over year. Moreover, there were 5 million more attempts by hackers to install viruses on MSP customer servers.

Lewis Pope is head nerd at N-able.

N-Able’s Lewis Pope

“The SME market is a ripe target for malicious actors that leverage phishing campaigns because they know SMEs are less likely to have proper cybersecurity awareness training and proper security controls in place,” he said. “It’s not much different than someone looking to rob a house. Why waste the effort on a house with gate guards and a security system when there are easier targets around that have the same payoff potential?”

Phishing Attempts Top Attack Vector

In a survey commissioned by N-able last year, MSPs reported that 82% of customers have seen an increase in cyberattack attempts, with phishing revealed as the top attack vector. As email continues to be a primary delivery method for malware, with many ransomware attempts delivered this way, these types of targeted attacks can provide a rapid entry point to deliver the payload cybercriminals are desperately seeking.

“Phishing attacks are on the rise and are likely to gain an edge in how effective they are due to tools like advanced chatbots,” Pope said. “Artificial intelligence (AI)-assisted phishing attacks could let attackers overcome non-primary language barriers in communications, making social engineering and phishing attacks more effective. Cybersecurity awareness training teaches users to be wary of poor grammar, syntax and unusual word choice. And cybercriminals are eager to remove that weakness from their tactics, techniques and procedures (TTP). This improves their likelihood of success at gaining access to systems, compromising credentials or simply convincing an administrative assistant to wire funds to a foreign bank account.”

Phishing ‘Incredibly Efficient Tool for Cybercriminals

Dave MacKinnon is N-able’s chief security officer. He said cybercriminals are clever, and phishing is, for them, not only cost effective, but an “incredibly efficient” tool in their arsenal.

N-able’s Dave McKinnon

“These criminals will continue to deliver well-timed and well-planned spear-phishing attacks against strategically targeted individuals within an organization to gain the right permissions to execute their actions and objectives,” he said. “To do this, actors will continue to leverage highly specific spear-phishing emails with the intent of installing malware on even the most cyber-aware companies’ assets. It’s vital to stop as many attempts as possible at the front door, but this strategy on its own isn’t enough.” 

Cyber resilience doesn’t need to be complex, MacKinnon said. An MSP can provide simple solutions to help reduce vulnerabilities and protect SMEs by implementing security controls aligned to the United Kingdom’s Cyber Essentials framework, NIST Cybersecurity Framework, CIS Controls or the upcoming European Union cybersecurity certification framework.

“These solutions include the use of data protection, proper patch management, email security, 24×7 security monitoring for endpoints, the use of multi-factor authentication (MFA), and other tools along with complementary business processes,” he said. “Not only can this help improve a SME’s cyber resilience, but also improve operational efficiencies at the same time.”