Increase in number of malicious cyberattacks targeting managed service providers

Managed Service Providers (MSPs) as a Trojan Horse

Managed service providers (MSPs) have direct access to their customers’ networks and applications – reason enough for hackers to use their infrastructures as a starting point to launch malicious attacks against third parties. A new CISO guideline recommends measures that MSPs should implement to protect themselves and others.

Published in IT-Markt No. 08/2022 by author Kay-Uwe Wirtz, Regional Account Director DACH, Barracuda MSP

Managed service providers (MSPs) are being prompted to update their IT protection and introduce new security guidelines on an increasingly regular basis. Malicious cyber activities that specifically target MSPs are on the rise. This trend is set to continue.

Best practices for optimal protection

MSPs have direct access to their customers’ networks and applications. Criminals who successfully manage to compromise an MSP by using its infrastructure as a starting point are able to launch all sorts of malicious attacks against customers or other companies. National and international security organizations as well as the new Cybersecurity and Infrastructure Security Agency (CISA) guidelines recommend that MSPs implement the following best-practice measures:

  • Prevent compromises through adopting protective measures against common attacks
  • Introduce monitoring and logging as well as endpoint detection and network defense monitoring
  • Safeguard remote applications and enforce multi-level authentication (MFA)
  • Develop and implement incident response and recovery plans
  • Proactively manage supply chain risks via security, legal and procurement groups and prioritize resources

MSP customers are advised to implement comprehensive security event management and ensure MSP accounts are monitored or audited. They should also ensure that MSP contracts include backup services.

Preventing consequential costs of successful attacks

Full implementation of these recommendations is likely to increase the cost of providing services for most MSPs. With inflation set to increase further and technology supply chains still affected by the pandemic and the war in Ukraine, rising costs are the last thing MSPs want to talk about. However, companies would be wise not to ignore the reality that a successful ransomware attack is likely to be at least as expensive. The costs associated with restoring the system is just one element to consider. Potential liability issues caused by security loopholes following inadequate advice from the MSP are another major cause for concern. Not to mention huge reputational damage and a potential drop in sales for the MSP. It is quite common for MSPs to be locked out of their systems following a ransomware attack or to be used as Trojan horses for criminals looking to infect customers with CryptoLockers and demand large ransoms.

Take warnings seriously

MSPs should heed the warnings that they are fast becoming a prime target for cyberattacks. Service providers should therefore take full advantage of the security solutions they offer their customers for their internal processes (such as current AI-based monitoring and containment tools). The following steps can help during the implementation phase:

  • Use security-oriented, regularly updated remote monitoring and management (RMM).
  • Organize regular safety audits.
  • Use security solutions powered by AI and machine learning to enhance email and network monitoring and initiate automated mitigation and response strategies.
  • Review the incident response plan in light of current policies and the latest threats.
  • Evaluate one’s own ability to swiftly secure customer networks and restore service in the event of a breach.

For experience and expertise, look no further than DataStore and Barracuda

MSPs are attractive targets for cyberattacks, especially given the current climate of geopolitical volatility. However, service providers who invest in time, training and the right technology are literally on the safer side and are armed against becoming the unwitting accomplices in criminal attacks. DataStore and Barracuda offer expert support in the battle against cybercrime. Barracuda delivers innovative, cloud-enabled security solutions for companies of all sizes. DataStore offers individual consultation and implementation services, a training center authorized by Barracuda, demo equipment and the necessary managed services.

Interested? If you have any questions, please contact:

Michael Ulrich
Senior Business Development Manager