MSPs and their supply chains will be the targeted more heavily by cyberattacks in 2020 according to Trend Micro’s new report – The New Norm.* By hitting MSPs and other third party vendors, cybercriminals will increase their ability to steal sensitive data, credentials and more.
The new Trend Micro Security Predictions for 2020 correctly identifies an unfortunate trend we have seen throughout 2019: The increase in supply chain cyberattacks, most notably through Magecart, which compromises third-party services by using malicious code to target companies. Such attacks are stealthy and highly effective, and will undoubtedly continue to grow in 2020. To prevent such attacks, companies need to develop a security policy and ensure that their third parties adhere to it. This is important not only during screening and onboarding third parties, but throughout the whole business relationship, and requires continuous monitoring of the third party’s digital presence.
Digital supply chain attacks are mounting because they give bad actors a nice return for their investment. By targeting one provider, bad actors gain access to the data of several, if not many. Nearly all websites today are hosted by cloud service providers (CSP), who are rarely held to account for any malicious attacks that break out across their platforms. And even if businesses show their CSP concrete evidence that an attack was traced to their platform, chances are small that the CSP would help to shut down the attack.