Sophisticated hacking attacks coming for MSPs
Increasing evidence suggests that hacking attempts are becoming ever more sophisticated.
In 2013, “spear phishing” became a commonly used term. Spear phishing moves away from the opportunistic nature of traditional phishing, and instead involves hackers specifically targeting a particular company.
By slowly and steadily working their way in and gaining more and more information, they gradually break down a company’s defenses, aiming for a high-payoff endgame, such as accessing the computer running Sage Payroll and draining the company bank accounts.
Now, according to a recent report on CRN, hackers are using even more sophisticated techniques. First, they find their way into a system using something like a Java backdoor, leaving stealthy malware in place for as long as is required.
This time around, the hackers seem to be targeting larger firms, but their way in could involve smaller partner organizations such as the MSPs that look after their target’s IT.
Instead of attacking the big firms directly (at least at first), these hackers look for “softer” targets and try to infiltrate those first. In a similar fashion to spear phishing, the cyber criminals look for crumbs of information, such as email addresses, external IPs and passwords.
This is obviously a huge concern to MSPs working with high profile clients. Clearly these MSPs don’t want to see their clients systems compromised, and they certainly don’t want it to transpire that the hacker’s way in was via their own MSP systems!
Here are a few tips to help MSPs bolster their defenses in recognition of this ever-evolving threat:
1. Stay aware
MSP owners should subscribe to security bulletins and encourage their teams to do the same. It’s no longer enough to trust security to third-party solutions – it’s also essential to be constantly alert to emerging threats.
2. Use the best security systems
Some MSPs encourage clients to use the best of everything, then cut costs on the internal network. This is not the way to go!
If cyber criminals are going to try to use MSP systems as a shortcut into their customers systems, then the MSP systems must be rock solid too.
3. Don’t save passwords
It seems like a really obvious thing, but MSPs should never save customer passwords for remote access tools or Web portals. It’s tempting to click the “remember me” or “save password” box, as it means typing the password far less often, but it also means a hacker can get straight into a client system if they compromise the MSP system first.
4. Educate users
MSPs need to educate both client-site users and their internal staff.
It’s all the standard stuff: complex passwords, logging off at night, and not writing passwords on post-it notes – but it’s all just as important as it’s ever been.
MSPs should not keep client data on unencrypted machines. Full disk encryption should be considered essential in this day and age – for reasons of privacy as well as security.