Mitigate Cyber

Attacks Targeting Managed Service Providers

Cyber criminals are targeting managed service providers (MSPs), companies to which others outsource the administration of their IT infrastructure. Many MSPs also offer network analysis and threat detection services.

MSPs represent an enticing target for attackers due to their use of remote administration tools and the opportunity to instantly gain access to a large number of additional systems—those of the MSP’s client base.

A recent campaign has seen attackers deploying the GandCrab ransomware via a vulnerability in the ManagedITSync plugin, which is used to connect the customer relationship manager (CRM) ConnectWise and remote management software Kaseya, both popular with MSPs.

ConnectWise have since released an updated version of their software, along with advice on how to scan for vulnerable plugin files.

This incident shows, however, the security risk posed by outsourcing IT administration without implementing proper access controls and intrusion detection. Additionally, the use of ransomware in this recent attack reinforces the importance of maintaining proper backups, allowing a business to recover rapidly in the event of a compromise.

Latest Articles

HAPPY SECURE NEW YEAR: HERE’S The cyber security trends to watch out for in 2021

It’s fair to say a lot changed in 2020. It was an unprecedented year, full of uncertainty, both economically and politically. 2021 has started much the same, with anytime, anywhere, remote working patterns remaining prevalent in the business world.

We are now, more than ever, reliant on our technology. But with that reliance comes the need to ensure it’s safe and secure usage. Here are the key cyber security trends to watch out for this year.

Read More »
Scroll to Top