By Greg Arnette, Founder and CTO, Sonian
Attackers are branching out when it comes to the methods they use to infiltrate organizations. Not only are they targeting specific businesses and high-profile individuals and looking for ways to get in through third-party contractors, they’re going after organizations that house data for multiple companies. Managed services firms and other solution providers need to be aware that they’re highly attractive targets — especially those with high-profile or regulated customers .
In fact, in late 2016, PwC, along with BAE Systems and the UK’s National Cyber Security Centre, uncovered a global cyber espionage campaign carried out by APT10, a well-known threat actor in the cyber security world. The campaign, which may have begun as early as 2014, directly targeted IT MSPs and when successful provided unbridled access to their customer networks. This “back door” approach allowed attackers to reach multiple organizations through one entry point.
To avoid what would surely be an uncomfortable conversation, MSPs need to take strategic measures to protect themselves. That’s especially true if you use or resell cloud services. A recent Check Point survey of IT professionals found 34 percent listed general security risks as the No. 1 barrier to cloud adoption. These apprehensions mean businesses are increasingly requiring that MSPs demonstrate how they’re bolstering their security services. Providers perceived as not up to par may find themselves losing clients.
For MSPs who have not yet taken strides to fortify their systems – and most have not, in my experience – now is the time to be hyper-proactive. Create the best defense with a strong offense. For example, training employees on security is important at every organization and but especially crucial for MSPs, where there tends to be high staff turnover and more junior-level skill sets.
|SDN & Security: The Future Is Now. Helping customers successfully navigate this transformation will require the right skills and partnerships — but growth is off the charts. Download this free Channel Partners report to discover the service opportunity in managing the security requirements of virtualized networks. Get it now!|
Train teams should be trained to spot common tricks and identify suspicious activity. For instance, many security compromises happen when employees are sent what appears to be a password-reset email. While they often look legitimate, if employees open the messages and follow the instructions listed in the email, they are flinging the proverbial door wide open. Look at the hack of the Clinton campaign: Chairman John Podesta received a password reset notification from “Google,” and while there was confusion with IT about its legitimacy, he ultimately followed the prompts, allowing attackers full access to his account. He also failed to activate Google’s two-step verification – an easy and often overlooked security measure – which further weakened the locks on his emails.
While longtime IT professionals may wonder how someone could be so careless, hindsight is 20/20. No one expects to be a target, so it’s easy to ignore red flags without proper training. MSPs should consider offering to customers and using internally a series of …