https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Security


Report: ‘Unofficial’ Ports & Database Services Biggest Cyberattack Targets for SMBs

  • Written by Kris Blackmon
  • September 25, 2017
A new report drills down into the areas of biggest vulnerabilities in small businesses' networks.

If there were any doubts as to the magnitude to which cyberattacks impact IT service providers, the rash of high-profile attacks in the first half of 2017 should have definitively erased them. From Russian hacks to WannaCry to NotPetya, the slew of ransomware and other cyberattacks leading to data breaches has brought cybersecurity to the forefront of everyone’s minds, whether or not they work in IT.

However, as channel partners are well aware, there is more to the cybersecurity story than attacks that make the headlines. A new report by Calyptix Security that analyzes threat intelligence data collected exclusively from small business networks in North America. Threat Intelligence Report: 24 Hours of Inbound Attacks on Small Networks reviewed intrusion detection alerts captured from about 800 network security devices at small businesses across the U.S. and Canada 

Ben Yarbrough, CEO of Calyptix, says he wanted the study to drill down to network security data from the smallest networks – those ranging from about 5 to 100 endpoints. Intrusion detection alerts were collected from security appliances at these networks for a single 24-hour period in August 2017 for the report.

“Cyber security research tends to either ignore small businesses or roll them into a larger group, such as ‘networks with fewer than 500 endpoints.’ But is a network with 400 devices really a small business environment? We don’t think so, and that’s why we feel this report is critical,” said Yarbrough.

The report confirms that small businesses are frequent targets of cyberattacks and offers specific insights as to where channel partners need to be focusing their energies when devising a comprehensive security solution for their SMB clients. For example, the study outlines in detail exactly which services attackers use the most to gain entry into businesses’ systems, preferred targets by geographic region and the industries most favored by hackers.

Here are the top six takeaways for partners: 

  1. The threat is real and small businesses cannot hide in obscurity on the internet. Small business networks are under constant threat and reconnaissance by focused attackers with interest in very specific systems. Top targets at small businesses include Microsoft SQL database, remote access by Microsoft RDP or SSH, VoIP telephone systems, any enabled web content or access, remote management tools, UPS power systems, Windows update systems, Windows file shares and FTP.
  2. Attackers would not purse any of these systems unless occasionally successful. This reality suggests there remains significant fertile ground for MSPs to educate and serve small business owners.
  3. MSPs should utilize every available tool to minimize exposure of their own systems as well as their clients from unauthorized access, including VPNs, restricting management access, account lockouts, and enhanced authentication measures.
  4. Given the scale of attacks and reconnaissance, MSPs should always operate IDS/IPS systems in a protective mode (e.g. block traffic).
  5. MSP’s should not establish any publicly facing system (e.g. internet exposed) without deliberate consideration and planning, including network segmentation, vigilant patching and maintenance as well as monitoring, especially for unauthorized or unusual access.
  6. MSPs should exercise caution with cloud service providers to ensure cloud based systems implement reasonable access controls, timely maintenance and ongoing monitored.

As is almost always the case, the client is the biggest source of vulnerabilities (and cybersecurity headaches), and partners need to make sure to build governance guidelines into their service agreements in order to save both their clients from attack and themselves from liability.

“IT professionals need to protect themselves from neglectful clients. You must operate under clear guidelines that outline where your responsibilities start and end,” says Adam Sutton, Director of Marketing for Calyptix. “This not only clarifies the value you offer to clients, it also sets clear boundaries that protect you from responsibility if a data breach occurs. This is important for IT service providers in all industries, and especially those who operate in heavily regulated industries such as healthcare and banking.”

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Security Technologies

Related


  • Partner program gears
    Pluribus Networks Launches Expanded, Simplified Partner Program
    The expanded program shifts from four to two tiers to simplify engagement.
  • Trophy
    Veeam Partner Awards Honor Arrow, SHI, CDWG, More
    These partners exceeded Veeam's expectations in 2020.
  • CP-Expo-Logo-1050x618 web
    Channel Partners Virtual Wraps — See You In Person at CP Expo Homecoming
    So long, Channel Partners Virtual. But what a week it was. Now, our live event is on tap.
  • Depiction of a supply chain
    Full-Stack ICT Supply Chain Ownership Becoming a Thing of the Past
    To own or not to own? Supply chain model changes bring new players to the forefront.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Why Fortinet for my MSSP?
  • Day 2 at Channel Partners Virtual Complete, with a Packed Day 3 Ahead
  • Small and Mid-Size Business Security: 4 Steps to Success
  • Thycotic-Centrify Merger Poses Potential Threat to PAM Leader CyberArk

Galleries

View all

From The Second City: How to Use Improv as a Business Tool

March 3, 2021

Industry Perspectives

View all

5 Ways XDR Can Improve Operational Efficiency for MSPs

March 4, 2021

Multi-Cloud: Strategy or Inevitable Outcome? (or both?)

March 3, 2021

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@okta acquiring rival @auth0 in $6.5 billion all-stock transaction. #security dlvr.it/Rtzwdp https://t.co/4LvHCJuwsR

March 4, 2021
ChannelFutures

.@MicrosoftTeams features are coming to @MSFTDynamics365, the company announced at @MS_Ignite. #MicrosoftIgnite… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@PreciselyData acquired by Clearlake Capital, @TAAssociates. #digitaltransformation dlvr.it/RtzbKg https://t.co/1rNYnTScxq

March 4, 2021
ChannelFutures

Thanks for attending #CPVirtual. Here's a Day 3 wrap and a look ahead to #CPExpo Homecoming in November!… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@Veeam announces six annual Impact Partner Awards, with @SHI_Intl, @LogicalisUS, more. #cloud… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

#XDR can improve operational efficiency for #MSPs. @TrendMicro #security #endpoint #AI #threatintelligence… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

.@IBM adds two senior execs to leadership team at infrastructure IT spinoff, NewCo. @IBMNews @IBMPartners… twitter.com/i/web/status/1…

March 4, 2021
ChannelFutures

RT @ChannelEurope: Craving more #EMEA news? Get the latest headlines, insights and commentary in EMEA directly to your inbox. Subscribe to…

March 4, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X