Managing the Surge in Attacks on MSPs

The use of managed service providers (MSPs), which companies outsource the responsibility for maintaining, and anticipating need for, a variety of processes and functions to boost operations and cut expenses, has soared since the COVID-19 pandemic first reared its ugly head.


Driven by the virus, entire workforces were sent home to work, some practically overnight, and this switch to working from home drove a massive spike in outsourcing to MSPs, which unfortunately, didn’t go unnoticed by cyber crooks who want to scale their attacks.


For many MSPs, 2021 was something of an annus horribilis. The massive REvil Kaseya ransomware attack, that came to light in early July, was a massive wakeup call for an industry that depends so heavily on outsourcers for support of its most critical operations. By breaching a single software business, Kaseya, whose tools are widely used by MSPs, the bad actors behind the attack were able to disrupt approximately 1,500 businesses.


For some time, attackers have had MSPs in their crosshairs, and have increasingly targeted them with ransomware. Unfortunately, for these guys, it's no longer about protecting their customers’ data alone, but protecting their own systems and data too.


MSPs are desirable targets because of their role in the supply chain.


They are often a stepping stone into a much more desirable target. It makes sense for an attacker to gain access to a large corporation that has all the best cyber security solutions in place through a partner that doesn’t. It’s all about the low hanging fruit and the path of least resistance when it comes to hackers.


This is particularly true of ransomware. By infecting an MSP, the malefactor has a much better chance than when he or she goes after each entity on its own. One attack can yield hundreds of successful opportunities to cash in.


For these reasons, MSPs are realising protecting their technology environment alone, is not enough. Today more than ever, MSPs need to embrace cyber resilience so they can mitigate losses and disruption.


After all, part of an MSP’s job is to make sure all their customers’ bases are covered, and while no one is saying security software isn’t an important element of managed service provision, it can’t be the only line of defence. The human factor remains the a major culprit for security breaches across the board, and therefore, security awareness training is a crucial part of any comprehensive cyber security program.


Bad actors are well aware that the average user is more vulnerable to social engineering or phishing emails than an IT professional. Staff members are likely to open suspicious links, particularly when they have been crafted to resemble the genuine article so well, they would defy all but the closest scrutiny.


Without the proper training to help them recognize what might be an attempt at social engineering, customers’ networks and data could be compromised with the click of a mouse. For MSPs, cyber security awareness training is not only critical to their success, it is also saves them time and money, because if their customers’ staff understand the issues, and know how to avoid falling victim to phishing and similar attacks, the MSP is less likely to have to clean up the mess in the aftermath of a breach.