Search
Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Discover 2019 News Cisco Partner Summit 2019 News Cisco Wi-Fi 6 Newsroom Dell Technologies Newsroom Hitachi Vantara Newsroom HP Reinvent Newsroom IBM Newsroom Juniper NXTWORK 2019 News Lenovo Newsroom NetApp Insight 2019 News Nutanix Newsroom Cisco Live Newsroom HPE Zone Tech Provider Zone

The 10 Top News Stories Of 2019 (So Far)

Cloud outages, the JEDI cloud contract controversy, blockbuster vendor and channel acquisitions, the rise of Everything-as-a-Service and a wave of attacks against MSPs are among the top news stories so far in 2019.

Back 1 ... 8   9   10   11  
photo

1. MSPs At Risk

MSPs have completely reshaped the channel, providing mission-critical outsourced services to help customers reduce costs and increase sales. But in 2019 a series of security breach incidents put the spotlight on a potential downside to the rise of MSPs: Cybercriminals are targeting MSPs and using the tools they use to manage customer IT systems as vehicles to attack their customers.

A wakeup call came in April when Wipro, the giant India-based solution provider, acknowledged that employee accounts had been hacked in a phishing campaign. Wipro's systems were then used to launch attacks against at least a dozen of the company's IT outsourcing customers.

Wipro had fallen prey to a multimonth intrusion from an "assumed state-sponsored attacker," according to KrebsOnSecurity. Wipro said it was able to detect and respond to the threat and limit the damage, but the incident highlighted the potential danger.

CRN shined the spotlight on the risks facing MSPs with a detailed look at the Wipro incident and the warning from the National Counterintelligence and Security Center aimed at educating businesses on the on the scope and scale of the risk.

The remote monitoring and management (RMM) tools used by MSPs are often the attack vector used by hackers. In February cybercriminals exploited ConnectWise partners who had not patched an integration tool with a rival MSP platform, using it to install ransomware on end users' machines. Then, in the Wipro incident, the attackers were believed to have used ConnectWise Control on the hacked systems to connect to Wipro client systems, which were then used to obtain deeper access into Wipro customer networks.

ConnectWise CEO Jason Magee defended the company’s security stance in the wake of the Wipro breach. “ConnectWise takes cybersecurity seriously and we realize that rumored and confirmed security incidents create stress and concern for our partners,” said Magee. “Once we become aware of an issue, we are proactive in taking steps to resolve and/or make our partners aware of the risk.”

The incidents have continued through the year. In June IT By Design, a master MSP that provides network and security operating center services to more than 250 MSPs, was hit by a ransomware attack that spread to eight customers. In July NinjaRMM said its RMM tool was used to spread ransomware, accessing a customer's NinjaRMM account and using the software to distribute ransomware across multiple endpoints.

Earlier this month Continuum said one of its MSP partners was hit by hackers, likely though a phishing campaign, who managed to steal credentials that were then used to disable antivirus tools and run scripts to deploy ransomware to several customers.

“This scares me to death,” said a top MSP executive speaking to CRN about the wave of attacks. “The immaturity level in the MSP marketplace on security right now is mind-boggling. If a hacker infiltrates your tool sets, all those tools you have installed on all your client’s networks are vulnerable. No one is immune to this. It could happen to anyone at any time. This is bad, really bad. And this is the tip of the iceberg. Imagine how much data exfiltration is happening right now.”

 
 
Back 1 ... 8   9   10   11  

sponsored resources