The 2021 Webroot BrightCloud threat report has confirmed what many in the managed services world already know – that they are firmly in the sights of malware attacks.
There have been a number of high-profile attacks recently, highlighting the risks of criminals gaining access to the systems of companies that provide support to customers. Kaseya is the most prominent example of the past three months.
As more customers turn to managed service providers (MSPs) to handle their IT needs, the volume of attacks on those working in the supply chain has increased.
The report showed that those helping to manage customers had been the targets of cyber criminals. “The management of companies and enterprises industry has shown the most significant increase in malware infections – 57% versus the global average – highlighting the fact that technology supply chains are under attack,” the report said.
Other targets have included the oil, gas and mining sector, up 47% in 2021, along with manufacturing and retail, with a 32% year-on-year hike.
The report also exposed a problem with security practices, finding that 49% of business devices that had been attacked sustaining another infection because hygiene was not robust enough.
Grayson Milbourne, Webroot
“People aren’t learning from their cyber mistakes and, more concerning, they aren’t equipped with knowledge on how to prevent repeat mistakes. Organisations must take ownership of the issue and do all they can in leading their people to improve security awareness, knowledge and habits,” said Grayson Milbourne, security intelligence director at Webroot.
The firm advised suppliers and customers to improve their security posture and hygiene to make life harder for those trying to infect their systems.
The Webroot warnings coincided with findings released by connected device security player Ordr in its Rise of the Machines 2021 report, which found that there were gaps left by users for criminals to exploit.
One of the main problems, it said, was the number of users still using outdated systems that lacked the highest security defences. The firm found there was a dogged number (19%) of deployments being run on Windows 7 machines or older and 34% on Windows 8 machines.
The problem was particularly acute in the healthcare sector, where 15% of medical devices and 32% of medical imaging devices were found to be running on outdated operating systems.
“Once again, we found an astonishing and worrisome number of vulnerabilities and risks in connected devices, which is a crucial reminder that organisations must have comprehensive visibility as well as security for everything connecting to their networks,” said Ordr CEO Greg Murphy. “As the number of connected devices climbs, the number and sophistication of attacks targeting them will grow.”