SHI International attack shows the channel are targets

The attack on SHI International has underlined again how the channel ecosystem is firmly in the sights of the cyber criminal fraternity.

Earlier this week, SHI revealed it had been the victim of a malware attack and had lost access to email and other systems as a result.

The reseller moved quickly to restore access and informed customers that it had managed to contain the attack and prevent it from causing widespread harm.

“Over the 4 July holiday weekend, SHI was the target of a coordinated and professional malware attack,” the firm stated in a blog post. “Thanks to the quick reactions of the security and IT teams at SHI, the incident was swiftly identified and measures were enacted to minimise the impact on SHI’s systems and operations.

“These preventative measures included taking some systems, including SHI’s public websites and email, offline while the attack was investigated and the integrity of those systems was assessed.

“While the investigation into the incident is ongoing – and SHI is liaising with federal bodies including the FBI and CISA – there is no evidence to suggest that customer data was exfiltrated during the attack. No third-party systems in the SHI supply chain were affected.”

Since revealing the attack, the firm has not given further details, but publicly stated that it was getting back to “business as usual”.

Although SHI is based in the US, it has an international customer base and supports customers across the UK.

Adding the SHI attack to those targeting Kaseya and SolarWinds starts to paint a picture of an industry that is a growing target for criminals.

With the rise of channel ecosystems and the managed service model, the attraction for criminals is that one MSP can be a gateway into a wider number of businesses.

The response from the MSP industry to other attacks – and no doubt will be the same to SHI – is to call for more awareness about the need for better levels of defence against malware.

Speaking back in January, Tim Weller, CEO of Datto, said all MSPs had to accept that they were targets and needed to face the security challenge to protect both themselves and their customers.

“If MSPs aren’t already hearing that from their SMEs, if the government doesn’t mandate it, competition will,” he said. “You will lose your clients to MSPs that show better in the security arena. You’re in the security business.”

Weller said there were several implications of accepting a responsibility for personal and client security: “The first one is get your own house in order. The answer to that is not to run away from your toolsets and worry about your vendors.”