I just read an article explaining why MSPs are “hacker targets.” While all organizations connected to the Internet are reasonable targets for a wide variety of hacking attempts, I also believe we have moved beyond the simplistic argument that MSPs are a unique and vulnerable gateway to their clients. I will explain.
MSPs Were Attacked
The notion that MSPs have a unique vulnerability in their operational and business makeup is ridiculous. STOP: READ THIS NEXT SENTENCE. MSPs, like all organizations connected to the Internet, face vulnerabilities and attacks. This will not change!
Having said that, the idea that an MSP, as compared to a company that manufactures medical devices for hospitals, is more at risk to successful cyberattacks has not yet been proven out. Meaning, MSPs have not been disproportionately breached as compared to the rest of the non-MSP population.
For more than 20 years, MSPs have been the guardians of the cyber galaxy, monitoring, managing, and protecting clients from untold threats, both internal and external. By their nature, MSPs are more secure and “aware” of the risks they face than the typical organization (even those with internal IT departments). More importantly, they continue to arm themselves with top-line defenses against ongoing cyber threats.
My point in raising this as an issue is simple: as I have said before, the vast majority of MSPs have not been disproportionately impacted by ransomware or similar cyberattacks. The vast majority of MSPs provide constant vigilance for their clients, offering them a measure of cyber and IT protection they would otherwise have been unable to achieve. It’s important to note, I am speaking specifically of MSPs, not break-fix IT, not reactive IT shops, but proactively managed IT.
The Word is Out and MSPs are arming themselves with tools and knowledge
The MSP community is strong, primarily because it is a tight-knit community. The amount of backchannel communication that takes place amongst MSPs all over the world is staggering. MSPs rely heavily on one another for guidance, objective advice, and information sharing. This fact is one of the reasons MSPAlliance has been so successful over the years. The collaboration and information sharing amongst MSPAlliance members allows for faster adaptation to real-time events.
Attack Where Your Enemy is Not
I’m not sure who came up with the phrase “attack where your enemy is not,” but it seems like wise advice. Cybercriminals are efficient (not the same as lazy). They do not want to waste their time on campaigns unlikely to yield results (whether that is money, information, or other strategic objectives). Ransomware gangs want easy targets, capable of generating money in as fast a way as is possible. MSPs today are making moves to arm themselves against what is sure to be continued waves of cybercriminal activity. Given that, cybercriminals might find that MSPs are not as easy of a target as they had once hoped.