Protecting MSPs from Million Dollar Ransomware Attacks
by Amelia Lewis / April 21st, 2021
The DarkSide Ransomware Attack on CompuCom
On March 3, the IT managed service provider (MSP) announced they had fallen victim to a Darkside ransomware attack. The cybercrime group installed CobaltStrike beacons on several systems throughout the MSP’s environment. These beacons helped the threat actor steal data, spread the virus, and deploy ransomware payloads.
The MSP expects the incident to result in losses of $20 million and counting due to the disruption of customer services and internal operations. Since CompuCom is up for sale, the attack has come at an inopportune time for the company.
Why Are MSPs Popular Targets?
CompuCom is the fifth managed service provider to fall victim to a ransomware attack in the past year. Ransomware trends are showing a direct connection to MSP targets.
With ransomware, threat actors are looking to infect as many devices and networks as possible, offering them a higher likelihood of receiving the ransom. MSPs serve as a gateway to their client’s devices and networks, making them an attractive target for this sort of attack.
What Are The Top Cybersecurity Risks for MSPs?
MSPs are at higher risk because of their connectivity to client environments. If MSPs undergo a breach of any sort, it can impact the operations of all the companies who depend on it. Here are three of the top cybersecurity risks for MSPs:
- Malware – With malware proving effective on MSPs, trends indicate that the attacks are only increasing.
- Social Engineering – Attackers choose softer targets, and social engineering campaigns are key tricks in their arsenal to introduce client-side exploits and compromise your systems.
- Cloud Security Compromise – Complexity is the enemy of security, and many staff members are not as familiar with cloud security controls and security features. These misconfigurations can be the beginning of the breach.
Validate Cybersecurity Effectiveness With Penetration Testing
With MSPs becoming a focal point in a series of attacks, they are beginning to receive unwanted attention from the public, who are more frequently inquiring about incident readiness. Here are five ways KirkpatrickPrice testing can validate your cybersecurity effectiveness:
- Determine your level of risk
- Test the effectiveness of your security controls
- Gain awareness of your gaps
- Get guidance on closing your gaps
- Demonstrate your commitment to security
Attackers are constantly scanning their next target for any weak spots to exploit. Proactive measures demand aggressive approaches to discover holes in your security are before a hacker does. Our penetration testers mimic real-world hackers by using modern-day, targeted techniques to identify the gaps in your security. Once they discover any vulnerabilities, they offer you step-by-step guidance on how to remediate them.
