Why MSPs Need to Practice What They Preach in Regards to Cybersecurity

FEBRUARY 10TH, 2020
Managed Service Providers (MSPs) often have their hands full managing the IT and data protection services of their clients. But are they being vigilant about their own cybersecurity? Increasingly, MSPs are targets of cyberattacks. And if their systems aren’t secure, that can have far-reaching consequences for both MSPs and their clients. It is important for MSPs to ensure that they have the same safeguards in place for their systems as they do for their clients’ systems. Here are a few reasons why MSPs need to practice what they preach regarding cybersecurity.

MSPs Are a Growing Target for Hackers

This past year, cybercriminals have shown an increased interest in mounting attacks against MSPs. Cyberliability insurance provider Beazley analyzed its internal data and found a 37 percent increase in ransomware attacks in Q3 2019 over the previous quarter—25 percent of those attacks were against MSPs. It’s not intuitive to think that companies specializing in data protection services would be targets of cyberattacks. However, there are many reasons why hackers increasingly choose to target these types of businesses.
Firstly, hackers know that MSPs are often small to medium-sized businesses. These smaller MSPs may not have the resources to handle persistent cyberattacks. Because of the strain that a cyberattack can place on small MSPs, they often prefer to pay the ransom.

Via MSPs, Hackers Can Target Multiple Organizations with One Attack

A second reason why hackers have begun to target IT service providers more frequently is that they can have a more significant impact with a single cyberattack. By compromising one provider, hackers can infiltrate an extensive network of connected computers in a short amount of time. As a result, the impact of an attack on an MSP can be immense. In one recent event in Texas, computers in 20 local governments were attacked via an initial attack on a single service provider. At least 13 similar incidents were reported last year.

Remote Monitoring Systems Are Vulnerable

Finally, hackers have identified a third vulnerability they can leverage to attack multiple computers at once: remote monitoring and management (RMM) tools. In one recent incident, an attacker deployed the ransomware variant GandCrab via an RMM plugin. Secplicity reports that one MSP had 2,000 computers encrypted and held for 2.44 million in ransom. A patch for this plugin was available at the time—had the MSP pushed the patch, it may have avoided the disaster. With cyberattacks against MSPs on the rise, MSPs must take the proper measures to protect both clients and themselves from ransomware and other breaches.