Thursday, March 5, 2020

MSPs Under Heavy Ransomware Attack

Cyberprotection requires three things: people, process and tools.

CrowdStrike's latest research shows a disturbing trend: ransomware is increasingly attacking MSPs.

The cloud-native endpoint protection platform provider's 2020 Global Threat Report observed activity that used remote management software to target many companies through a single point of entry at MSPs and cloud service providers. It also saw a string of health care attacks that began with the breach of an MSP.

While attention often centers on protection for organizations, CrowdStrike found that it is critical for MSPs to plan ahead to combat these attacks.

CrowdStrike's Jennifer Ayers

Jennifer Ayers, vice president of OverWatch and security response at CrowdStrike, tells us protection requires three things: people, process and tools.

“A critical component is having the right team mix with the right skill sets and knowledge to understand the types of threats that may be targeting not just the MSP but also their customer,” she said. “In an ever-changing threat landscape, the need to understand the what and why an MSP may be a target is important. Second is ensuring that environments have the right security applied. For example, we know taking advantage of remote desktop protocol (RDP) is a very common technique used by adversaries. Are the right tools in place to monitor and reduce RDP usage?”

In addition, MSPs can use a comprehensive solution that unifies next-generation antivirus (AV), IT hygiene, endpoint detection and response (EDR), cyber threat intelligence and proactive threat hunting, Ayers said.

“They can also standardize their threat intelligence, a critical security tool in today’s threat environment, to have better visibility into adversary activity and the assets being targeted so that they know what and how to protect them,” she said.

CrowdStrike saw an increase in ransomware incidents, maturation of the tactics used and increasing ransom demands from e-crime actors. Increasingly these actors have begun conducting data exfiltration, enabling the weaponization of sensitive data through threats of leaking embarrassing or proprietary information.

Moving beyond e-crime, nation-state adversaries continued unabated throughout 2019, targeting a wide range of industries, according to CrowdStrike.

Another key trend in this year’s report is the telecommunications industry being targeted with increased frequency by threat actors, such as China and North Korea. CrowdStrike intelligence assesses that various nations, particularly China, have interest in targeting this sector to steal intellectual property and competitive intelligence.

“In 2019, big-game hunting (BGH), another term for enterprise-scale, targeted ransomware operations, was the most lucrative enterprise for e-crime adversaries,” Ayers said. “More than a dozen of the largest ransom demands reported were in the millions compared to the hundreds of thousands the year before. Numerous adversaries specializing in the delivery or development of malware benefited from supporting customers or partners conducting BGH operations. Of all e-crime threats, ransomware represented 26% of what was reported in 2019. The number climbs to 37% of threats when ransomware reports are combined with reports of banking trojan malware operated by BGH adversaries (e.g., TrickBot).”

The trend toward malware-free tactics accelerated, with malware-free attacks surpassing …

From https://mymarketlogic.com/blog/msps-under-heavy-ransomware-attack/
