MSPs increasingly face a “deliberate, systematic and ever-increasing barrage of attacks launched … by malicious actors and criminal organizations,” according to a new network traffic report from cybersecurity solution provider Dark Cubed.
Now, let’s look at five key takeaways from Dark Cubed’s report.
1. Automated and directed network attacks plague MSPs: Dark Cubed found that all MSPs in the report experienced both automated and directed network attacks. It also discovered that 6.9 percent of network traffic impacting MSPs is related to bots, scanners and hackers.
2. Remote access tools increase risk: MSPs frequently use remote access tools to support their customers. However, these tools present network risks due to the number of security vulnerabilities associated with their functionality, Dark Cubed indicated.
3. MSPs are overwhelmed by a “crisis of credibility.” Cyberattacks are increasing in terms of severity and frequency, and MSPs continue to update their security portfolios accordingly. Yet MSPs now face a “crisis of credibility,” as they are tasked with improving their security offerings without increasing the costs associated with them, Dark Cubed noted. (Side note: ChannelE2E actually coined the “MSP Crisis of Credibility” term back in mid-2019.)
4. Cyberattacks devastate MSPs: No business is immune to cyberattacks, and MSPs are no exception. If an MSP makes a single mistake, it risks network misconfigurations and other issues that increase its risk of suffering a data breach, Dark Cubed pointed out.
5. Cybercriminals will continue to target MSPs in 2020 and beyond: Cybercriminals that penetrate an MSP’s networks and systems can gain access to sensitive data from dozens or hundreds of customers at once. As such, hackers will likely continue to target MSPs in the foreseeable future, Dark Cubed said.
How Can MSPs Guard Against Cyberattacks?
Dark Cubed offered several recommendations to help MSPs guard against cyberattacks, including:
Create password policies for MSP and customer accounts.
Establish a VPN and place all remote access capabilities behind it.
Use threat analytics that encompass threat intelligence from multiple sources.
MSPs also must revamp their business strategies, Dark Cubed said. In doing so, MSPs can limit the risk of network configuration errors and other issues that can lead to data breaches.
To get ahead of the ransomware threat, MSSP Alert and ChannelE2E have recommended that readers:
Sign up immediately for U.S. Department of Homeland Security Alerts, which are issued by the Cybersecurity and Infrastructure Security Agency. Some of the alerts specifically mention MSPs, CSPs, telcos and other types of service providers.
Connect the dots between your cybersecurity and data protection vendors. Understand how their offerings can be integrated and aligned to (A) prevent attacks, (B) mitigate attacks and (C) recover data if an attack circumvents your cyber defenses.