Report Shows Cybercriminals Target MSPs in Rapidly Growing Attacks

Attacks on MSPs and their customers have almost doubled in the last 18 months.

Claudia Adrien

March 10, 2022

3 Min Read

N-able findings show that managed service providers (MSPs) are quickly overtaking their customers as a primary target for cybercriminals. The research also revealed that while 90% of the surveyed MSPs suffered a cyberattack in the last 18 months, the number of attacks these MSPs are preventing has almost doubled, from six to 11. The research was conducted by an independent research firm and commissioned by N-able.

The report, ‘State of the Market: The New Threat Landscape,’ reflects the responses of 500 participants sourced from the U.S. and Europe by an independent research team. They discussed their security experiences before the COVID-19 pandemic and today, to discover what had changed. There has been an assumption that the increase in hybrid working means a shift in how threat attackers operate. N-able’s research looks at that shift and what it means for MSPs.


N-able’s Dave MacKinnon

Dave MacKinnon is chief security officer at N-able.

“MSPs have worked tirelessly throughout the pandemic to ensure that the businesses they support can stay online and connected as circumstances changed,” MacKinnon said. “But the cybercriminals they’re protecting against are working equally as hard to make use of these shifts against their targets. MSPs need to understand how the threat landscape continues to evolve and make the changes needed to protect both their customers and themselves, and make the most of the enormous opportunity that enhancing security provides.”

The Findings

The research reveals:

  • Almost all (90%) MSPs have suffered a successful cyberattack of some sort in the last 18 months. The same amount have seen an increase in the number of attacks they are preventing each month. On average, the number of attacks being prevented has risen from six to 11.

  • 82% of MSPs have also seen attacks on their customers rise. However, those have not quite been at the same rate, with an average of 14 attacks prevented per month.

  • While progress is being made on important security processes such as automating backup, many basics are still not in place. For example, while most MSPs offer two-factor authentication to their customers, only 40% have implemented it in-house.

  • DDoS and ransomware are among the main attacks MSPs are detecting, but the top attack remains phishing.

  • The effects of cyberattacks are wide ranging. Over half of MSPs say that financial loss and business disruption resulted after a cyberattack. Many said they have lost business (46%), suffered reputational effects (45%) and even saw their customers suffer a loss of trust (28%). MSP budgets are only increasing at an average of 5%. They are focusing this extra investment on key areas, including data security, cloud security and infrastructure protection.

  • There’s good news. Most SMEs, seven in every 10, are planning to increase their security budget. For MSPs, this means a big opportunity is available.

  • Automating key functions is critical to making headway against cybercriminals. Automated backups are the most common form of automation used by MSPs to keep their customers’ businesses secure, used by 85% of all respondents.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Claudia Adrien or connect with her on LinkedIn.

Read more about:

MSPsChannel Research

About the Author(s)

Claudia Adrien

Claudia Adrien is a reporter for Channel Futures where she covers breaking news. Prior to Informa, she wrote about biosecurity and infectious disease for a national publication. She holds a degree in journalism from the University of Florida and resides in Tampa.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like