Cybersecurity Roundup: MSP Attacks, NCSAM, Exabeam, Comcast Business
… the target MSPs lost customers, which directly affects their bottom line.
CF: What are some of the other surprising findings in this report?
CN: While it’s obvious in hindsight, the attackers’ use of legitimate MSSP tools to carry out the attack was quite surprising. They used the industry’s own tools against them.
These attacks also illustrate why authentication is the cornerstone of security. Many of our security controls are based on trusted versus untrusted users. You can have the most sophisticated security in the world, but if an attacker can somehow digitally authenticate as a “trusted user,” the security goes out the window. MSPs, and companies in general, need to make sure their authentication process is secure. Everyone needs multifactor authentication (MFA) today.
CF: Does the report point to challenges/opportunities for MSSPs and other cybersecurity providers?
CN: Yes, MSSPs are vulnerable to the same type of attack. Like MSPs, they have remote tools for central management, and a multiplier factor since they manage security for many customer networks. Even worse, if an attacker gains an MSSP’s privileged access, they have the ability to turn on and off security for that MSSP’s customers as part of their attack.
In short, the same things that make MSPs juicy targets also apply to MSSPs. That said, MSSPs really should have top security expertise, so logic would dictate that they have better internal security than most companies.
CF: Does the report point to any progress being made?
CN: At the very least, these incidents have put a spotlight on the weaknesses in MSP networks. Many of the vendors of MSP RMM or central management products have reacted to these incidents by making MFA required in their products. That alone can greatly mitigate these types of attacks.
National Cybersecurity Awareness Month
Today marks the start of National Cybersecurity Awareness Month (NCSAM), a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online.
NCSAM 2019’s theme is: Own It, Secure It, Protect It. This new call to action emphasizes the role each individual plays in maintaining online safety and stresses the importance of taking proactive steps to enhance cybersecurity practices at home, on the go and in the workplace.
Kelvin Coleman, executive director of the National Cyber Security Alliance, tells us regularly scheduled, effective employee cybersecurity training is still lacking in …