SeedSpark Blogs | Business Growth Services in Charlotte, N.C.

The Cyber War Fought by Managed Service Providers

Written by Samuel Adams | 01/22/2020

Common users probably think of MSPs – managed service providers – as a group of developers ensuring that Windows updates go off without a hitch, maybe occasionally scanning for malicious viruses, malware, or spyware. In reality, managed service providers are fighting an unseen war against an onslaught of cybercriminals trying their best to infiltrate company infrastructures, snatching as much data as they can before holding your system hostage – or wiping it altogether.

A new report from Dark Cubed, a company creating leading cyber security software, has revealed startling statistics showing that MSPs are swimming against a current of cyberattacks. Analysis of network traffic and data gleaned by monitoring firewalls protecting MSPs around the world revealed that 100% of MSPs studied suffered automated and directed attacks, totaling 6.9% of traffic. In total, 160,613 verified malicious hosts were observed attacking MSP networks, sending many industry leaders into distress.

“The rate of attacks on our customers is unlike anything I have ever seen and is getting worse. We are committing a significant amount of time, energy, and money to keeping our customers safe, but we are fighting a losing battle.” – Anonymous MSP CEO

How bad is the situation?

With 64% of American small to medium-sized businesses using MSPs, increased efforts by cybercriminals is putting millions of business owners and employees at risk. Many traditional security measures like geofencing and cloud-based solutions aren’t as secure as they once were. Determined criminals can plow through geofencing by simply purchasing hosting space in another country. Windows Remote Desktop and other RMMs – Remote Monitoring and Management tools – are now being tapped, gaining national media coverage from as more users are being impacted.  

Why target MSPs?

Hacking into one computer provides access to one set of files, programs, and a single user’s data. MSPs, on the other hand, supply access not only to their network, but the networks of every client that they serve. If hacking a personal computer is a cyber safe, consider MSPs cyber banks. While MSPs are constantly improving their security efforts, the volume of attacks – and an increase in successful ones - has pushed service cost higher and stained the reputation of  the entire MSP industry.

What should the MSP battle plan be?

Going forward (and always), MSPs should strive to be transparent with their clients. The digital environment of 2020 is much different than that of years past, meaning that an adjustment in business strategies is imperative. It’s also important for MSPs to practice their due diligence – any minor mistake could be the difference between comprehensive security and a catastrophic data breach.

While they won’t make your system infallible, Dark Cubed has provided a few strategies to help improve initial defenses are cybercriminals prepare their attacks.

  • Remote Access: Use a 2FA-secured VPN for all remote access capabilities. If your RMM provider doesn’t offer two-factor authentication, it’s time to switch providers.
  • Password Management: Stringent requirements for passwords should be the norm for both MSP and customer accounts. Boosting complexity and limiting password attempts before lockout and logging are simple tools to track attacks and stay secure.
  • Manage Access: Restrict MSP accounts by time and/or date, setting expirations that align with the completion of contracts. This keeps your system secure by blocking access unless completely authorized.
  • Network Architecture – Use a tiered network architecture to add additional security to EA and DA level accounts.
  • Threat Analytics – collect data from both internal MSP reports and MSP clients, covering every possible form of entry to detect changes in the network environment
  • Government Reporting – Agencies such as the National Cybersecurity and Communications Integration Center (NCCIC) found within the Department of Homeland Security Cybersecurity and Infrastructure Security Agency monitors and reports activity. Learn more at https://www.us-cert.gov/ncas/alerts/TA18-276B.

While MSPs are facing more adversaries than ever before, it’s important to remember that security teams are actively researching, reacting, and defending against attacks from all angles. While cybercriminals’ tool kits are always evolving, so are cybersecurity professionals’ as well. Get in touch with SeedSpark’s managed services team today to explore opportunities and learn how our team is fighting back against criminals digging deeper for your data.