The U.S., U.K., Australia and Canadian Cybersecurity Advisories have released a warning of an expected increase in attacks on managed service providers (MSPs). A managed security service provider provides outsourced monitoring and management of security devices and systems.
Common services used by companies include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.
The main concern expressed by these state agencies is that if hackers are able to successfully breach a service provider’s network, the door is wide open for follow-up ransomware attacks across a provider’s infrastructure and customer base.
In the wake of this warning, Mike Walkey, SVP Global Channels and Alliances at Veritas Technologies, tells Digital Journal why businesses should get up to speed. Walkey has developed some key points to advise MSPs and organizations on the best practices required to prepare and respond from ransomware attacks.
Putting this into context, Walkey says: “The Cybersecurity Advisory warning of the rising malicious cyber activity targeting MSPs will come as no surprise to most. However, what many overlook is the devastating ripple effects that occur when a network environment is breached.”
In setting this warning out, Walkey notes: “If successful, this sort of attack has widespread implications, and promotes follow-up attacks such as ransomware against the MSP and their entire network and customer base.”
In terms of taking firm action, Walkey recommends: “To protect from such a situation and minimize any potential damage, MSPs must ensure their customers’ data is recoverable at lightning speed.”
More specifically, Walkey explains that bBy utilizing the following best practices, MSPs can prepare and respond readily.
Examples from Walkey include:
- Protect networks through multi-factor authentication, encrypted data, and immutable, indelible backup.
- Ensure consistent monitoring leveraging AI driven anomaly detection to identify any anomalous backup activity that could indicate a ransomware attack is underway.
- Lastly, implement a trusted backup platform to automate and orchestrate a complete cross-site or multi-cloud restoration with the click of a button.
These measures can help organisations to prepare for state-sponsored advanced persistent threat groups that are increasingly turning their attention to MSPs.
