Hackers are increasingly targeting MSP solutions and using them to attack service providers' customers, according to a U.S. Secret Service security alert issued June 12. Threat actors are using hacked MSPs to launch cyberattacks against service provider customers' point-of-sale (POS) systems and perform business email compromise (BEC) and ransomware attacks.
Since a typical MSP may support dozens or hundreds of customers, cybercriminals are attacking service providers in the hopes of infecting multiple companies via a single vector, the Secret Service noted. If an MSP is compromised, cybercriminals can then use the service provider's applications to attack its customers' networks.
Recent ransomware attack victims in and around the MSP and IT outsourcing market include:
Best Practices for MSPs to Guard Against Cyberattacks
The Secret Service offers the following recommendations to help MSPs protect themselves against cyberattacks:
Along with the aforementioned best practices, multi-factor authentication (MFA) may help MSPs guard against cyberattacks, Lane Roush, VP of Presales Engineering at security operations center-as-a-service provider (SOCaaS) Arctic Wolf, told MSSP Alert. Roush indicated that MSPs also can conduct user access reviews of their systems and vulnerability management to improve their security posture.
How MSPs Can Mitigate Ransomware Attack Risks: To further safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.
