Free Newsletters for the Channel
Register for Your Free Newsletter Now
Cybercriminals are using point-of-sale intrusions, business email compromise (BEC) and ransomware.
July 13, 2020
MSPs have taken a closer look at their cybersecurity in response to a U.S. Secret Service alert of escalating attacks against the providers.
According to the Secret Service alert, a single MSP can service a large number of customers. Therefore cybercriminals are specifically targeting these MSPs to conduct their attacks at scale to infect multiple companies through the same vector, the agency said.
MSPs utilize multiple open source and enterprise software applications to facilitate remote administration, it said. In the event of an MSP compromise, bad actors often use these applications to access their customers’ networks and conduct attacks.
Cybercriminals are leveraging compromised MSPs to conduct a variety of attacks, the agency said. Those include point-of-sale intrusions, business email compromise (BEC) and specifically ransomware attacks.
The agency’s investigations team, the Global Investigations Operations Center, has been seeing an increase in incidents where hackers breach MSP solutions. And they use them as a springboard into the internal networks of the MSP’s customers.
Elon Grad is Platte River Networks‘ vice president of technology and innovation. He said as an MSP, “you’re a trusted advisor to your clients.”
Platte River Networks’ Elon Grad
“Maintaining cyber security practices at the highest standard are foundational to protecting your business and your clients,” he said. “We often make recommendation to our clients about improving their cyber security standards, but we also need to look internally and practice what we preach.”
Enterprise Networking Solutions (ENS-Inc) is a California-based MSP. Chad Hodges, it’s executive vice president, said in these “unprecedented times, security has become paramount.”
Enterprise Networking Solutions’ Chad Hodges
“With our nation’s workforce compelled to work from home and telework for the majority of the time, our enterprises are exposed to an attack surface that we have not seen on a global scale,” he said. “As MSPs, it has become important to make sure that any endpoints connecting to our environments are secure and protected. Our clients have been very receptive to our mutual efforts to ensure we limit the potential attack surface, and we appreciate their willingness to work with us as a provider of their critical services.”
The agency offers best practices for MSPs:
Have a well-defined service level agreement (SLA).
Ensure remote administration tools are patched and up to date.
Enforce least privilege for access to resources.
Have well-defined security controls that comply with end users’ regulatory compliance.
Perform annual data audits.
Take into consideration local, state and federal data compliance standards.
Proactively conduct cyber training and education programs for employees.
Best practices for MSP customers include:
Audit remote administration tools used in your environment.
Enforce two-factor authentication (2FA) for all remote logins.
Read more about:MSPs
You May Also Like
Cloud Computing News: AWS Loses Another Key Exec to Azure; Canalys, Vega Cloud, Hyve NewsFeb 23, 2024
Channel Futures Reveals 2024 Circle of Excellence InducteesFeb 23, 2024
Canalys Channel Leadership Matrix Names AWS, Cisco, HP Among 'Champions'Feb 22, 2024
CrowdStrike, SonicWall Cyber Threat Reports Highlight Attacks, Popular TacticsFeb 21, 2024