MSPs Targeted as Hackers Realize Potential for Profit in Supply Chain Attacks

Supply chain attacks allow cybercriminals to attack businesses through weak links in the supply network. Smaller companies are attacked, which gives hackers access to larger and better secured businesses: Businesses that would be harder to attack directly.

This attack method was used to spread NotPetya malware in Ukraine. A software supply company was breached which allowed the malware to be spread to the software supplier’s clients. The massive data breach at Target in 2014 was made possible by first attacking an HVAC system provider. The attack allowed hackers to install malware on the Target’s POS system and obtain the credit card numbers of millions of its customers. According to Symantec, supply chain attacks doubled in 2018.

There are many different types of supply chain attacks, but all serve a similar purpose. By attacking one company it is then possible to attack a bigger fish, or in the case of attacks on cloud service providers and managed service providers, a single attack will give a hacker access to the networks of all MSP clients.

Large businesses often have the budgets to hire their own IT and security staff and can implement robust defenses to prevent attacks. Smaller businesses often struggle to recruit security professionals as they are in high demand. With the shortage of skilled cybersecurity staff and an inability to pay the large salaries that skilled cybersecurity professionals demand, SMBs often turn to MSPs to provide those services.

In order to be able to provide those services, managed service providers are given remote access to their client’s networks. Many of the tasks that need to be performed by MSPs require administrative privileges. Managed service providers also hold login credentials to their clients’ routers and cloud accounts. All of those credentials are extremely valuable to hackers.

Given the typical number of clients each MSP has, a successful attack on an MSP could prove very profitable for a hacker. It is therefore no surprise that there has been an increase in cyberattacks on MSPs and CSPs.

While MSPs are usually good at securing their clients’ networks and ensuring they are well protected, they also need to ensure their own house is in order. Patches must be applied promptly, vulnerabilities must be addressed, and security solutions must be put in place to protect MSPs systems.

MSP staff should be security aware, but when they are busy resolving their clients’ problems, mistakes can easily be made such as responding to a well-crafted spear phishing email. All it takes is for one MSP employee to respond to such an email for a hacker to gain a foothold in the network.

Naturally, security awareness training should be provided to all MSP employees and security solutions need to be deployed to protect against email and web-based attacks.

This is an area where TitanHQ can help. TitanHQ’s anti-spam solution, SpamTitan, offers advanced protection against phishing and spear phishing attacks. A recent update has also seen DMARC email authentication and sandboxing features added to better protect users from phishing and malware attacks.

TitanHQ’s DNS-based content filtering solution further enhances protection against phishing attacks and prevents MSP employees from visiting malicious websites. Being DNS-based, malicious websites are blocked before any content can be downloaded.

In addition to helping MSPs protect their own networks, both solutions are ideal for MSPs to offer to their SMB clients and have been developed to perfectly meet the requirements of MSPs.

If you are an MSP and you have yet to implement a web filter or you are looking for an advanced spam filtering solution for you or your clients, give the MSP team at TitanHQ a call today to find out more about both solutions and how they can protect your business and better protect your clients.

