IT, Cybersecurity and Compliance Solutions in Washington and Oregon

Hackers Target MSPs to Get to You!

Written by Byron Martin | Dec 27, 2019

To get inside Managed Service Providers (MSPs), attackers have capitalized on security lapses such as weak passwords and the failure to use multi-factor authentication. They are also exploiting vulnerabilities in the “remote monitoring and management” (RMM) software that IT providers use to install updates and handle other client IT needs.

Is Your MSP a Target for Hackers?

The newest cybersecurity threat to your business may not be targeting you directly. It may be targeting your IT service provider.

Managed Service Providers (MSPs) are outsourced organizations that manage the IT for small and mid-sized companies. Rather than hire a team of IT professionals, these companies often use an MSP to take care of their IT so they can focus their time and energy on the rest of their business.   

Hackers have realized that, rather than trying to infiltrate individual companies one at a time, it is easier to target the MSP. By compromising one MSP, they can reach every one of its clients at once through the remote management software the MSP uses to administer those clients' systems. Because an MSP may service dozens if not hundreds of companies, a single MSP compromise can put ransomware on dozens if not hundreds of businesses simultaneously.

A nearby example was in the news this summer. PM Consultants, Inc., a Portland-based MSP, was hacked and its software used to place ransomware on dozens of dental clinics it serviced in Oregon and Washington. PM Consultants was not able to remedy the situation for any of its clients and closed its doors shortly after the incident. The dental offices had to call in other IT firms, cancel appointments, and shut down for days as they sorted through the mess.

This is becoming the norm. An MSP in Texas that served municipalities across the state was hit in August, shutting down 22 cities for weeks. In Wisconsin, another MSP was targeted, leaving 400 medical practices across the country without access to their files. And just last week, 100 dental offices in Colorado were shut down because their IT provider was hacked. These are just a few of the dozens of such incidents happening across the country.

Image courtesy of InfoSec Insights

IT Companies are not Cybersecurity Companies

When organizations like the ones above look for an IT service provider, they often assume that cybersecurity comes with it. However, IT and cybersecurity are two distinct disciplines.

IT keeps computers and networks operational day to day through the hardware and software that run them. Cybersecurity keeps a company's data safe from both internal and external threats, and most of that work happens behind the scenes. When your IT isn't working, you notice immediately. When your cybersecurity isn't working, you often won't find out for weeks or months, by which point the cost and risk to your business are far higher. In short, IT is not cybersecurity.

If you use an IT service provider, make sure you understand whether cybersecurity is part of their DNA. Here are a few questions you can ask to find out:

  • Have they completed a SOC 2 audit, and can they share the report (ideally a Type II report, which covers controls operating over a period of time rather than at a single point in time)?

  • Do they have dedicated, trained and certified cybersecurity professionals on staff? Which certifications do they hold?

  • What cyber liability insurance coverage do they carry, and can they provide a copy of their certificate of insurance?

  • Are they audited by a third party that examines their security and privacy practices?

  • Does a third party audit how they handle sensitive client data?

  • Does a third party assess their own internal technology for security vulnerabilities?

 

What is SOC 2?

A SOC 2 report is a “Good Housekeeping” seal for MSPs. SOC stands for “system and organization controls,” a series of standards set by the AICPA (American Institute of CPAs) to “provide specific users with information about controls related to security, availability, processing integrity, confidentiality or privacy.” A SOC 2 audit is performed by an independent CPA firm, and the result is a report rather than a certificate: it describes whether the organization's controls are suitably designed and, for a Type II report, whether they actually operated effectively over the audit period, in line with those criteria.

When an MSP holds a current SOC 2 report, the likelihood of your security being compromised because of your provider drops significantly, since an independent auditor has examined the controls the MSP relies on. This is the standard that financial institutions and other highly regulated industries use to ensure that their data and their customers' data remain safe.

The reality is that the state of cybersecurity for businesses is changing at an unprecedented rate. With breaches in 2019 increasing at a rate of 44% month over month, it can be daunting to know where to begin to protect your business.

A good place to start is vendor due diligence when selecting an IT service provider. Those who skip it may be caught off guard in 2020, either by a cybersecurity event itself or by an unexpected and drastic rise in the cost of securing and protecting their business.

Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:

  • Tri-Cities, Washington 509.396.6640
  • Yakima, Washington 509.396.6640
  • Bend, Oregon 541.848.6072
  • Seattle, Washington 206.743.0981

Questions about your IT or Cybersecurity? Give us a call today!