Breaking Down the Major Cyber Attack Methods Tricking MSPs

Posted May 15, 2018 by Meaghan Moraes

Every person in IT—really every person in business today—is hyper-aware of their risk of getting breached. It’s real, especially for small-to-medium-sized businesses that lack the advanced security tools and expertise needed to remain afloat. Hackers are relentless and lurking everywhere, and MSPs are ultimately responsible for hackers’ entry into their clients’ networks and the resulting damage.

In order to detect suspicious activity faster and minimize as much harm as possible, it’s crucial that you understand the methods employed by cyber criminals. MSPs offering cyber security services will benefit from the following breakdown, which details the most common cyber attack tactics, key warning signs and tips to remain protected.

Two Sides of the Coin: Paths to Destruction

1. Smash-and-Grab

Cyber criminals operating with a “smash-and-grab” mentality profit more from obtaining a high volume of system resources for a short period of time. These hackers compromise the victim to do something specific so they can monetize quickly. For example, malware has a specific outcome—like encrypted files or a bot sending out spam—and the payload is specific. It’s basically a “make money and get out” system. This type of attack is typically same-day—sometimes up to a week. These quick hits, like spam email or spambots, are not forensically in-depth. They can be caught fast and erased fast.

Ransomware falls under this category. Why did 4,000 ransomware attacks occur every day in 2016? It’s quick and cheap, with a low bitcoin payback. All cyber criminals really do here is create polymorphic variants: a twist on the signature that antivirus software is programmed to detect. When a system is hit with something a signature has not been created for, the malware will bypass that system’s security.

2. Persistent Threat Category 

If this approach were to be described in one word, it’d be “stealthy.” This method is typically carried out by cryptocurrency miners that find a foothold and break through over time—sometimes months. Cyber criminals often lurk undetected inside companies’ IT systems for 200 days or more before discovery. During this time, they gain access inside the network, escalate privileges, search for high-value information, and ultimately exfiltrate data or perform other malicious activities.

The majority of AV solutions are barely able to counteract or even detect these threats, and their victims can only wait for the necessary signatures to be generated. These persistent threat attackers make money out of something the victim doesn’t notice—and the victim’s machine is often just used as a launch point to get to more valuable data on someone else’s computer within the network. This was the case with WannaCry—ransomware that became persistent. These cyber criminals really do lurk—but with a bigger end game comes a bigger cost. They only gain a small fraction of the compensation, but still, they gain.

Spotting the Fingerprints

One in three (32 percent) security professionals lack effective intelligence to detect and respond to cyber threats, according to a recent survey from Anomali. Clearly there is a need for more proactive security measures that could help organizations effectively prepare for cyber attacks. As an MSP committed to protecting your clients’ businesses, you should not overlook the following areas:

  • Have up-to-date AV and backup installed.
  • Review user access and privileges.
  • Stay current on patching.
  • Take a holistic approach to identifying gaps in your environment.
  • Have a defined security program and tools that adhere to what you define across your environment.
  • Create an incident response plan.

Covering these bases will put you and your clients in the best position possible to avoid getting duped by the variety of hackers across the threat landscape. At the end of the day, you’re responsible for keeping your clients secure, so remaining educated on the latest cyber tactics and how risk continues to evolve will cement you as a true security partner.

 


Meaghan Moraes is a Content Marketing Manager at Continuum, focusing on inbound and content marketing efforts surrounding cybersecurity and threat management. With several years of agency and tech marketing experience, Meaghan specializes in driving leads and conversion with her strategic and creative digital marketing content. In her spare time, she enjoys writing poetry, playing the piano, boxing, and exploring Boston’s best restaurants.
