Drive-by and ransomware top MSP threats

Managed service providers (MSPs) have the twin challenges of protecting customer businesses from cyber security threats as well as their own. Keeping defenses in order does not get any easier, with threats aimed at SMEs continuing to multiply in frequency.

The latest ConnectWise MSP threat report has shone a light on the current situation faced by technology solutions providers (TSPs). One of the key takeaways from the latest report was the increase in drive-by attacks, with more hackers luring innocent victims into an attack. Techniques exploiting search engine optimisation (SEO) poisoning and malvertising were also taken to dupe unsuspecting staff.

The report underlined the important position the channel played in securing SME customers, with many lacking the in-house skills needed to protect their infrastructure.

It was also clear that criminals were using defence-evasion tactics to get round current attempts to protect data. Some of the most exploited vulnerabilities included those in popular software such as FortiOS, Citrix ShareFile, and MOVEit Transfer.

The MSP community also still has to fight the scourge of ransomware, which ConnectWise charted was up by 94% year on year (YoY). The firm investigated the modus operandi of the leading criminals groups and found that their primary targets were increasingly SME customers.

ConnectWise has been producing the Threat report for the past five years as part of its attempts to unearth information that can be used by the MSP community to protect themselves and their customers.

“This year’s Threat report serves as a stark reminder of the daunting challenges that the industry faces in developing and implementing effective cyber security strategies in an ever-changing and growing threat landscape,” said Raffael Marty, executive vice-president and general manager of cyber security at ConnectWise.

“The 2024 MSP threat report findings reveal the heightened risks stemming from outdated software, vulnerabilities associated with remote work environments, and the alarming surge in the frequency and impact of ransomware attacks. These mission-critical challenges demand immediate attention from TSPs as they gear up for the upcoming year,” he added.

Today also marks World Cloud Security Day, with many in the industry using it as an opportunity to encourage users to consider the strength of their defences. The day has been marked out since 2020 and was a reaction from the industry to the rising threats and a deliberate attempt to shine a light on the issue.

Moussa Zaghdoud, executive vice president of Cloud Communication Business Division at Alcatel-Lucent, said there was a need for customers and MSPs to be aware of the ongoing threats.

“Ensuring security, compliance, and privacy in cloud environments requires applying the latest protocols for encryption, authentication, and access controls. Independent third-party certifications provide assurance that solutions meet stringent industry standards,” he said.

“However, a one-size-fits-all approach does not work for every organisation, as security needs vary depending on business requirements, regulations in different regions, and sensitivity of data,” he added.