• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Managed service providers facing more attacks than ever before


PCHF Tech News
Jan 10, 2015
Cyberattacks involving compromised Managed Service Providers (MSPs) are on the rise according to a recent warning sent to private sector and government organizations by the US Secret Service.

MSPs are a particularly attractive target since a single MSP can service a large number of customers and cybercriminals use this to their advantage to launch attacks against multiple companies through the same vector.

In a security alert sent out last month, Secret Service officials said that their Global Investigations Operations Center (GIOC) had observed cybercriminals using compromised MSPs to launch attacks against PoS systems, to carry out business email compromise (BEC) attacks and to deploy ransomware.

Targeting MSPs

Attacks against MSPs surged in 2019 when ransomware gangs including GandCrab and REvil began targeting them as a way to infect their customers.

According to a report from the threat intelligence firm Armor, the company revealed that it had identified at least 13 different MSPs which were hacked in 2019 in order to deploy ransomware on the their customers' networks.

The Secret Service also provided best practices for MSPs and MSP customers to follow to avoid falling victim to an attack in its security alert.

The US federal agency recommends that MSPs have a well defined SLA, ensure remote administration tools are patched and up to date, enforce least privilege for access to resources, have well defined security controls, perform data audits and proactively conduct cyber training and education programs for their employees. At the same time, the Secret Service recommends that MSP customers audit SLAs and their remote administration tools, enable two-factor authentication for all remote logins, restrict administrative access during remote logins and utilize a secure network and system infrastructure.

Via ZDNet

Continue reading...