Cybercriminals used ransomware and other cyber threats to target MSPs in 2020 and appear likely to do the same in 2021, according to the "2021 MSP Threat Report" from threat detection and response platform provider Perch Security.
Notable findings from Perch's report included:
- 60 percent of MSP client incidents were linked to ransomware.
- 73 percent of MSPs reported at least one security incident over the past 12 months.
- 82 percent increased their cybersecurity budget in 2020.
Perch also made the following MSP threat landscape predictions for 2021:
1. MSPs Will Be Required to Comply with a Wide Range of Regulations.
Cyber insurance carriers will demand better cybersecurity maturity for any MSP that wants to obtain coverage. Furthermore, new state and federal government regulations may be proposed and instituted that require MSPs to take additional precautions to safeguard their sensitive data against cyberattacks.
2. Cybercriminals Will Capitalize on MSPs' Lack of Visibility into Cloud Environments.
Hackers will focus on cloud-based attacks, due to the fact that many MSPs lack visibility into cloud environments. They may use credential theft, exploit misconfigurations and leverage API-based attack vectors to illegally access MSP data stored in the cloud.
3. Cyber Extortion Will Increase the Costs of MSP Data Breaches and the Time to Recover from Them.
Digital forensics costs will rise in ransomware breaches, since privacy laws will require MSPs to conduct research to identify and evaluate these incidents.
In addition, Perch offered several recommendations to help MSPs guard against cyberattacks in 2021, such as:
- Conduct a self-assessment to identify security gaps
- Leverage security controls that complement existing ticketing systems
- Teach customers and employees about cyberattacks and the risks associated with them
MSPs are valuable targets for cybercriminals and must plan accordingly, Perch indicated. That way, they can take steps to protect against cyberattacks and keep pace with emerging threats.
Related: MSSP Alert spoke with Perch Security CISO Wes Spencer on April 8 about additional security-related MSP market trends. We'll share insights from that conversation soon.