MSP -and Its Clients- Held Hostage by Hackers
Hackers attacked an MSP’s business management tool, Connectwise, and locked all systems managed by the MSP, including connected client systems. This resulted in all clients being blocked from their own systems and servers.
Through this ransomware attack, more than 1,000 client systems were locked and inaccessible until a ransom was paid. In this case, the ransom required was $2.6 million.
How Did This Happen?
A simple case of broken process. The MSP didn’t apply a security patch that would have prevented this entire event.
In 2017, Connectwise found that its plugin for Kaseya, a remote management tool, had a security flaw. This vulnerability allowed Kaseya servers to be manipulated without first proving identification. With this discovery, Connectwise released a patch to fix the vulnerability and protect against hacking attempts.
It appears the affected MSP did not update the patch when it first became available in 2017, leaving itself and all its clients vulnerable to attack for years.
What Should Have Happened
Following time-tested security protocols would have prevented this attack. At iVenture, we adhere to a culture of security. This means a company-wide duty to treating our client information as the most valuable asset we have. It means baseline security is not an option for our clients, it’s a requirement.
This intentional mindset influences how we recruit, how we train and how we audit our team and company. And it starts with dedication to a highly-defined process and adherence to best practices.
Is Your MSP Doing the Right Thing?
If they undergo a regular external security audit like we do, they’re on the right track. Every year, we complete the SSAE 18/SOC 1 Type II audit to ensure we meet the strictest security standards. SSAE 18 compliance means we’ve met these benchmarks and have the necessary processes in place to protect your information. We don’t undergo this six-month audit because it’s easy, we do it because it’s necessary.
To us, prevention is just as important as detection. On average, MSPs face over 1,000 hacking attempts every day. That, alone, is cause to do the right thing. And it’s why we work proactively to defend against cyber attacks and resolve them if they do occur. Here’s some of what we do to combat hackers:
- Data Securing
- Regular Compliance Auditing
- Anti-virus Protection
- Anti-spam Protection
- Web Filtering
What To Learn From This
What happened to that MSP is a lesson to all businesses and the IT providers that serve them. Never take your MSP’s word at face value. It’s important to ask:
1. What does their security culture and strategy look like?
2. Do they engage in a regular third-party security audit?
3. Can they show (not just tell) how they intend to keep your data safe?
If your IT provider is unable to clearly demonstrate how they protect your business, it’s safe to assume they can’t. We will. Let us show you a better way with business-friendly IT.
iVenture Solutions, Inc. is an award-winning managed service provider delivering superior IT solutions to clients across Florida. As a leading-edge IT firm for small and medium-sized businesses, we provide a diverse range of services covering the entire scope of IT including maintenance, support, hosting and more. Through rapid response time, reduction of chaos and the right people, our expert team of IT professionals will fulfill your technology needs. At iVenture, we give you more time to do what matters most.