Managed service providers facing more attacks than ever before

News
By published

Cybercriminals are using compromised MSPs to launch attacks against their customers

(Image credit: Shutterstock.com)

Cyberattacks involving compromised Managed Service Providers (MSPs) are on the rise according to a recent warning sent to private sector and government organizations by the US Secret Service.

MSPs are a particularly attractive target since a single MSP can service a large number of customers and cybercriminals use this to their advantage to launch attacks against multiple companies through the same vector.

In a security alert sent out last month, Secret Service officials said that their Global Investigations Operations Center (GIOC) had observed cybercriminals using compromised MSPs to launch attacks against PoS systems, to carry out business email compromise (BEC) attacks and to deploy ransomware.

Targeting MSPs

Attacks against MSPs surged in 2019 when ransomware gangs including GandCrab and REvil began targeting them as a way to infect their customers.

According to a report from the threat intelligence firm Armor, the company revealed that it had identified at least 13 different MSPs which were hacked in 2019 in order to deploy ransomware on the their customers' networks.

The Secret Service also provided best practices for MSPs and MSP customers to follow to avoid falling victim to an attack in its security alert. 

The US federal agency recommends that MSPs have a well defined SLA, ensure remote administration tools are patched and up to date, enforce least privilege for access to resources, have well defined security controls, perform data audits and proactively conduct cyber training and education programs for their employees. At the same time, the Secret Service recommends that MSP customers audit SLAs and their remote administration tools, enable two-factor authentication for all remote logins, restrict administrative access during remote logins and utilize a secure network and system infrastructure.

Via ZDNet

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
Group of people meeting
Inflexible work policies are pushing tech workers to quit
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
Youtube
YouTube Premium could be getting a new time-saving perk, showing you recommended videos directly in your playback queue
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
More about security
Android Logo

Devious new Android malware uses a Microsoft tool to avoid being spotted
Google Chrome

Google Chrome security flaw could have let hackers spy on all your online habits
Promotional image for Malcolm in the Middle featuring the original cast playing golf

Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
See more latest
Most Popular
Promotional image for Malcolm in the Middle featuring the original cast playing golf
Malcolm in the Middle's Disney+ revival gets underway as the series finds its cast – here's which characters are returning
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Samsung Galaxy S25 Edge colors seemingly revealed in new video, and there’s another sign of an imminent launch
Group of people meeting
Inflexible work policies are pushing tech workers to quit
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Thursday, March 27 (game #655)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Thursday, March 27 (game #389)
Youtube
YouTube Premium could be getting a new time-saving perk, showing you recommended videos directly in your playback queue
Quordle on a smartphone held in a hand
Quordle hints and answers for Thursday, March 27 (game #1158)
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype