How managed service providers can pose a risk to their customers
Wednesday, July 8, 2020
The alert from the Secret Service is far from the first such notice in recent years. In October 2018, the National Cybersecurity and Communications Integration Center (NCCIC) warned of ongoing attempts by state-sponsored hacking groups to breach MSPs, especially cloud-based service providers.
"Attackers concentrate their malicious efforts on MSPs because they are now a low-hanging fruit," Ilia Kolochenko, founder & CEO of web security company ImmuniWeb, told TechRepublic. "Worse, most of the successful intrusions are never detected or reported given that the attackers have strong incentives to conceal the breach that may otherwise trigger an investigation that may depreciate the value of stolen data or even bring a SWAT team to their homes."
In its advisory, the Secret Service offered advice for both MSPs and their customers to grapple with the rise in hacks and breaches. Risk management is another area that MSP customers need to reevaluate, according to Kolochenko.
"Their third-party risk management process is, however, mostly based on obsolete one-size-fits-all questionnaires," Kolochenko said. "This bureaucratic approach can be unreasonably burdensome and complex for some small vendors; for others, they are inadequate and otherwise flawed. Organizations should rethink their third-party risk management strategies, making them adjustable and proportional to the risk on a case-per-case basis."