In a report about global threats, cybersecurity vendor says service providers are both targets and protectors
Cloud-based cybersecurity vendor CrowdStrike’s report on worldwide security threats puts another spotlight on the role of MSPs both as targets of cybercriminals and as cost-effective options for businesses that don’t have the resources to defend themselves against attacks.
The Lowdown: The discussion of MSPs was part of the Sunnyvale, California-based company’s larger 2020 CrowdStrike Global Threat Report that took a deep dive not only into the kinds of threats facing enterprises and other organizations in a wide range of sectors but also the myriad threat groups behind the attacks.
The Details: The report outlined the ongoing threat from ransomware attacks, as well as the continued growth of other dangers, including malware-free attacks, such as those where a file wasn’t written to a disk. Examples of these include attacks when code executes from memory or where stolen credentials are used for remote log-ins.
The CrowdStrike researchers noted that bad actors are continuing to leverage ransomware, with demands reaching into the millions of dollars. The technology field was listed among the most prevalent sectors being attacked and the report noted an “alarming trend” toward targeting MSPs, adding that “subsequent use of remote management software can enable the spread of ransomware to many companies from a single point of entry.” One threat group out of India, dubbed Wizard Spider, targeted the sector and hit cloud service providers.
The company also noted the increasingly important role MSPs and other solution providers play in protecting organizations against attacks. With cybersecurity threats becoming more sophisticated, what’s needed are mature processes and experienced security professionals, things not every enterprise or SMB are equipped with. For those businesses, service and solution providers are the best and most cost-effective way to close the talent gap.
The report, released Tuesday, can be found here.
The Impact: The growing ransomware threat to MSPs has gained attention over the past year or more. Vendors like Asigra have warned providers about the situation – in that case, particularly about the use of remote monitoring and management (RMM) platforms – and others, including Barracuda Networks and Axcient, have introduced anti-malware tools for MSPs.
The Buzz: “Those of us who have worked in cybersecurity for many years often start to think we’ve ‘seen it all.’ We haven’t. This year’s CrowdStrike Global Threat Report provides clear evidence of that,” CrowdStrike co-founder and CEO George Kurtz said. “Consider the dark turn in cybercrime toward preying on schools, municipal departments, and our other chronically understaffed and overburdened public institutions. This is different from targeting large government entities and corporations, many of whom have resigned themselves to being targeted by cyberpredators and have the opportunity to try to protect themselves from that onslaught. It’s a different matter entirely when the targets are schoolchildren, or just ordinary people trying to go about their daily lives.”
“This year’s report indicates a massive increase in e-crime behavior can easily disrupt business operations, with criminals employing tactics to leave organizations inoperable for large periods of time,” said Jennifer Ayers, vice president of OverWatch at CrowdStrike. “It’s imperative that modern organizations employ a sophisticated security strategy that includes better detection and response and 24/7/365 managed threat hunting to pinpoint incidents and mitigate risks.”