FBI Warns MSPs of Cyberattacks from China
… unprepared some businesses are to deal with such cyberattacks, and a lack any type of standardization.
“The APT10 activities are particularly troublesome as it attacks those charged with protecting information technology in the U.S.,” noted Oli Thordarson, CEO at Alvaka Networks. “If ever there was a time for IT service providers to double down on a structured framework like the NIST standards, that time is now.”
“Keys to preventive risk mitigation include enterprise-level layered security infrastructure and processes for small organizations, in addition to larger entities,” added Hammad. “Necessary layered security techniques include managed Unified Threat Management (UTM) firewalls; antivirus; DNS malware protection; email and hard disk encryption; and two-factor authentication — all configured and managed by qualified IT personnel.”
Technology, however, only seems to be part of the protection puzzle; proactive maintenance seems to be a key as well.
“Another point to be driven home based on the FBI report is the need for software patching and two factor authentication,” said Thordarson. “I am alarmed when I see how far behind most clients are on their patching duties. Sometimes they are years behind on some key servers and other devices. Just keeping up with patching and implementing two-factor authentication goes far, but I don’t mean to mitigate the need for additional layers of security protection for all firms.”
The question remains: With the ongoing government shutdown, will attacks grow in frequency and will cybersecurity issues take longer to identify and remediate? Simply put, MSPs should hope for the best, but prepare for the worst.
- Page 1
- Page 2