Cybercriminals are targeting MSPs as a way to get inside their customers’ networks.
Back in October, the U.S. Department of Homeland Security (DHS) issued a warning aimed at managed services providers (MSPs), managed security service providers (MSSPs) and cloud services providers (CSPs) that cyber gangsters are exploiting them to hack into their customers’ networks. And that they are doing so undetected.
The alert, called the Advanced Persistent Threat Activity Exploiting Managed Service Providers, cautions all providers, and highlights the exact nature of the attacks.
So what exactly is happening?
Clever and cunning as ever, malicious hackers are aiming at the “weak links” – i.e. MSSPs, MSP and CSPs – to get to their customers. DHS’ National Cybersecurity and Communications Integration Center (NCCIC) has been tracking this for more than two years, focusing on bad actors who are using advanced persistent threat (APT) tools designed specifically to break into the networks of both MSPs and CSPs and thereby the infrastructure of their customers.
The worst part about this is that the threat actors are exploiting the trusted relationship between provider and customer. They know that providers share sensitive information back and forth with their clients, and they are using these opportunities to slip into the customer’s network unnoticed.
“Threat actors appear to be levera