Cybercriminals are targeting MSPs for their extensive networks of clients. While malicious actors are using a variety of threat vectors to gain access to client infrastructures, remote monitoring and management (RMM) software is what many cybercriminals are targeting, and for good reason.
If you’re an MSP operating in today’s ever-growing IT threat landscape, you’re more than likely using an RMM solution to proactively monitor your clients’ networks, endpoints, and computers from afar. In fact, out of all the applications you’re currently using, you probably consider your RMM solution to be an essential component of your business, as do many other MSPs.
RMM remains the most important application for 61 percent of MSPs, according to Kaseya’s 2020 MSP Benchmark Survey. Unfortunately, MSPs aren’t the only ones in agreement about the importance of RMM solutions. Cybercriminals have been monitoring potential vulnerabilities in RMM solutions and targeting the clients and employees of MSPs.
Compromised credentials have been to blame in many instances where hackers have hit end-customer systems by using MSP software. Because MSPs pride themselves on being experts in IT and cybersecurity, they should know better. Still, for some reason, the vulnerabilities remain.
This raises the following question: How can MSPs practice better cyber hygiene to prevent cybercriminals from using RMM software to launch attacks on their clients’ networks and systems?
What are you doing to protect your credentials?
While there are vulnerabilities in RMM solutions, malicious actors are, for the most part, focused instead on users with little to no security awareness training, something every MSP should be offering to its employees and clients.
Eighty percent of hacking-related breaches involve compromised and weak credentials, according to the 2019 Verizon Data Breach Investigations Report. Twenty-nine percent of all breaches, regardless of attack type, involved the use of stolen credentials, the report also found.
Security awareness training should include phishing awareness training. Of course, the coronavirus crisis has made it a lot easier for cybercriminals to leverage phishing attacks with COVID-19 themes. To protect your team members and clients from these attacks, as well as other types of phishing attacks, educate them on how they can spot phishing attempts and what they can do to prevent them.
Additionally, you should probably take things a step further. Deploying simulated phishing campaigns can go a long way toward educating your teams.
Assess your passwords
Avoid making it easy for cybercriminals by having weak passwords (even MSPs are guilty of this from time to time). As you already know, protecting your passwords is key to securing your RMM platform and your customers’ systems and networks.
Educate your employees and customers on password best practices. Encourage the use of a password generator tool. Provide your employees and customers with a password manager option. Weak passwords should never be the reason why cybercriminals can access client systems.
Not using multi-factor authentication (MFA)?
The results are in: MFA is a must-have feature today. If you’re not using an RMM solution that mandates MFA, you’re leaving yourself and your clients open to attacks. MFA provides an additional layer of security all businesses need in today’s ever-growing IT landscape. Educate your employees and clients about why MFA is so vital to protecting everybody from cybercriminals.
Cybercriminals shouldn’t be able to access client infrastructure so easily through RMM solutions. Ensure that your employees and clients are protecting credentials, following best password practices, and using MFA. The more cautious you and your employees are, the more vigilant your clients will be.