I just read an article explaining why MSPs are “hacker targets.” While all organizations connected to the Internet are reasonable targets for a wide variety of hacking attempts, I also believe we have moved beyond the simplistic argument that MSPs are a unique and vulnerable gateway to their clients. I will explain.

MSPs Were Attacked

The notion that MSPs have a unique vulnerability in their operational and business makeup is ridiculous. STOP: READ THIS NEXT SENTENCE. MSPs, like all organizations connected to the Internet, face vulnerabilities and attacks. This will not change!

Having said that, the idea that an MSP, as compared to a company that manufactures medical devices for hospitals, is more at risk to successful cyberattacks has not yet been proven out. Meaning, MSPs have not been disproportionately breached as compared to the rest of the non-MSP population.

For more than 20 years, MSPs have been the guardians of the cyber galaxy, monitoring, managing, and protecting clients from untold threats, both internal and external. By their nature, MSPs are more secure and “aware” of the risks they face than the typical organization (even those with internal IT departments). More importantly, they continue to arm themselves with top-line defenses against ongoing cyber threats.

My point in raising this as an issue is simple: as I have said before, the vast majority of MSPs have not been disproportionately impacted by ransomware or similar cyberattacks. The vast majority of MSPs provide constant vigilance for their clients, offering them a measure of cyber and IT protection they would otherwise have been unable to achieve. It’s important to note, I am speaking specifically of MSPs, not break-fix IT, not reactive IT shops, but proactively managed IT.

The Word is Out and MSPs are arming themselves with tools and knowledge

The MSP community is strong, primarily because it is a tight-knit community. The amount of backchannel communication that takes place amongst MSPs all over the world is staggering. MSPs rely heavily on one another for guidance, objective advice, and information sharing. This fact is one of the reasons MSPAlliance has been so successful over the years. The collaboration and information sharing amongst MSPAlliance members allows for faster adaptation to real-time events.

Attack Where Your Enemy is Not

I’m not sure who came up with the phrase “attack where your enemy is not,” but it seems like wise advice. Cybercriminals are efficient (not the same as lazy). They do not want to waste their time on campaigns unlikely to yield results (whether that is money, information, or other strategic objectives). Ransomware gangs want easy targets, capable of generating money in as fast a way as is possible. MSPs today are making moves to arm themselves against what is sure to be continued waves of cybercriminal activity. Given that, cybercriminals might find that MSPs are not as easy of a target as they had once hoped.

Tags : cyber attack,MSPs
  • Craig
    Posted at 09:47h, 14 October Reply

    Charles,
    Good article with many valid points. MSPs are exposed to many more threats and must deal with them daily, than an individual company. Through repetition MSPs become more fit and more attuned to hackers tactics and defending against them. As you point out, many simple ways into an MSP have been closed off by Continuum/Datto/Kasaya forcing 2FA when accessing their products.

    However, cybersecurity remains embroiled in an arms race.

    Ransomware initial targeted availability by encrypting files, holding them hostage for ransom. MSPs perfected their backup strategies and restore data so quickly they largely eliminated the availability risk. Hackers pivoted ransomware attacks to threaten confidentiality by releasing stolen data to public websites forcing some companies (Healthcare) to pay ransoms to protect the innocent. MSPs now build ransomware and phishing awareness training into their offerings to address this shift in tactics. And the cycle continues.

    Cybersecurity is an immature industry that everyone needs to mature. Cybersecurity and MSPs go hand in hand just like people need doctors, homeowners need plumbers/electricians, and litigants need lawyers. The emergence of the vCISO role should help MSPs hire just enough consulting power to shore up gaps in their cyber programs and keep their clients well advised on this escalating arms race.

    Organizations like the MSP Alliance must continue to educate virtually the way they held their MSP World conference this past month in October 2020. Alone we are weak, but together we are strong.

  • Are you better off with or without an MSP? - MSP Alliance
    Posted at 10:10h, 21 October Reply

    […] ask the question in order to realign the discussion of outsourcing IT management in light of recent attacks on MSPs in the past 24 […]

Post A Comment

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

    Contact us

    Address:

    100 Europa Drive, Suite 569 | Chapel Hill, NC 27517

    Phone:

    1-800-672-9205

    Email:

    info@MSPAlliance.com

    Sign Up For Our Newsletter

    Select list(s) to subscribe to


    By submitting this form, you are consenting to receive marketing emails from: MSPAlliance, 100 Europa Drive, Chapel Hill, NC, 27517, https://www.mspalliance.com. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact