Security News
When a client's server goes down or is compromised in a cyberattack, managed service providers need an effective business continuity and disaster recovery solution to restore data and operations quickly, without sacrificing margin. That means industry-leading recovery technology from a vendor that is there to support you, no matter what.
MuddyWater hackers, a group associated with Iran's Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets. [...]
The report explores the importance of cybersecurity and the key reasons behind this drive, how MSPs are primed to take advantage of that increased importance and why ITDMs need to spread their focus across all areas of cybersecurity. Key findings Cybersecurity is increasing in importance - 91% of ITDMs said cybersecurity will increase in importance over the next two years, and 63% cited the increased sophistication of cyberattacks as the key driver behind their focus on cybersecurity.
Managed service provider Advanced confirmed that a ransomware attack on its systems disrupted emergency services from the United Kingdom's National Health Service. Customers of seven solutions from the British MSP have been impacted either directly or indirectly, the company said.
A US managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, Sharepoint, and CRM services. According to an email sent to MyAppsAnywhere customers shared on Reddit, the company detected signs of a cyberattack on Tuesday morning and quickly shut down cloud services to prevent the attack's spread. "As of approximately 11:30 AM CDT July 26, NetStandard identified signs of a cybersecurity attack within the MyAppsAnywhere environment. Our team of engineers has been engaged on an active incident bridge ever since working to isolate the threat and minimize impact."
Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. on Wednesday released a joint advisory warning of threats targeting managed service providers and their customers. Key among the recommendations include identifying and disabling accounts that are no longer in use, enforcing multi-factor authentication on MSP accounts that access customer environments, and ensuring transparency in ownership of security roles and responsibilities.
Miscreants are targeting managed service providers to break into their customers' networks and deploy ransomware, steal data, and spy on them, the Five Eyes nations' cybersecurity authorities have formally warned in a joint security alert. These types of supply-chain or "Island-hopping" attacks can prove very lucrative for cybercriminals because once they break into an MSP, they gain access to all of the customers' networks and data being managed, and in turn commit computer crimes and fraud against those customers' customers.
Multiple cybersecurity and law enforcement agencies from FVEY countries shared guidance for MSPs to secure networks and sensitive data against these rising cyber threats. "The UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities expect malicious cyber actors-including state-sponsored advanced persistent threat groups-to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships," the joint advisory reads.
The cyber skills gap is driving a significant increase in reliance on external managed service providers, according to the Neustar International Security Council. 89% of security professionals participating in the survey, conducted in March 2022, said their organizations had somewhat or greatly increased their reliance on external providers due to the ongoing talent shortage.
Revenge and inflation are key drivers behind an 800 percent increase in cyberattacks seen by a managed services provider since the days before the onset of Russia's invasion of Ukraine last month, according to the company's top executive. The attacks are coming not only from groups inside of Russia but also from within the region as well from Russia allies like North Korea and Iran, historically sources of global cyber-threats, Emil Sayegh, president and CEO of Ntirety, an MSP that focuses on security, told The Register.