Managed service providers (MSPs) have long been targets for attackers. In recent months, however, the number of attacks against MSPs has skyrocketed. Malicious efforts culminated this month with a supply chain cyberattack on IT management software provider Kaseya. The attack is believed to have affected at least 30 MSPs and almost 60 Kaseya customers in total.
On July 2nd, signs of a “sophisticated cyberattack” on the on-premises version of Kaseya’s VSA software became apparent. Kaseya is a platform used by MSPs to manage their clients. By compromising this one resource, the attackers were able to gain access to hundreds of client systems. According to Kaseya, the MSP attack leveraged zero-day vulnerabilities to perform an authentication bypass, followed by arbitrary file upload, command injection, and the spread of malware and ransomware.
The attack, according to reports, had the signatures of ransomware-as-a-service group REvil, and caused extensive downtime for over 1,000 companies. One particularly affected party was the Swedish supermarket chain Coop. For days, Coop had to close hundreds of stores across the country.
In light of these attacks, MSP customers may find themselves wondering if they are truly safe. Particular frustrations surround reports that seven of the vulnerabilities used in the attack were reported to Kaseya months earlier. The question many customers may ask is: why wasn’t my MSP more prepared for an attack?
Proactive Security is Vital to Prevent MSP Attacks
With MSP attacks through ransomware on the rise for over a year now, providers should have significant resources dedicated to preventing and mitigating this kind of incident. This is especially true after the Cloud Hopper and SolarWinds attacks, which had far-reaching impacts. We have worked hard for many years at VirtuWorks to ensure our customers are secure. We are pleased to say that we were not affected by the Kaseya attack and have the frameworks in place to prevent and mitigate the attacks of the future.
In this shifting security landscape, it is incredibly important that MSPs have the practices, tools, and services to ensure customers’ data remains available, confidential, and untampered with. In 2019, VirtuWorks took steps to prove this to customers by achieving ISO 27001 certification. This certification demonstrates that an MSP is following international standards for security best practices surrounding Information Security Management Systems (ISMSs). Critically, it requires continual improvement on the part of the MSP. ISO 27001-certified MSPs must participate in an external review process each year and be recertified by the ISO every three years. By necessity, they must stay on top of the latest threats and standards and provide industry-leading protection.
An ISO-certified MSP like VirtuWorks will ensure that information remains confidential by limiting information access and disclosure to authorized users. They will also ensure the integrity and availability of that data by verifying that attackers have not modified it and that key redundancy and data safety mechanisms are in place.
VirtuWorks’ managed IT services solution provides a next-generation comprehensive security system. It combines industry best practices with an extensive layered system of fault tolerance. Our experts further provide 24/7 surveillance of physical and digital premises, as well as regular security audits and assessments. We also do patch management supervision and routine penetration tests. All of this is specifically designed to protect not just against known threats, but also against the unknown, sophisticated ones that MSPs have been facing.
In this security landscape, it has become clear that your choice of MSP can be the difference between success and bankruptcy. If you don’t want to take a risk on your protection, reach out to VirtuWorks and learn more about how we can help you.