Hysolate Comments On Hackers Aiming For The Biggest Enterprise Targets

Hackers are targeting MSPs in an effort to infiltrate a large audience all at once without being detected as they hit targets upstream. Synoptek, a California Managed IT Services Provider,  was one example of an MSP who got hit with ransomware and paid the ransom to get back online.

 

Experts Comments

January 22, 2020
Tal Zamir
Founder and CTO
Hysolate
MSPs and other types of outsourced IT pose a huge risk to enterprises. These external IT admins typically have very wide access into the crown jewels and infrastructure of their clients, including domain controllers, firewalls, endpoint management software, etc. In many cases, enterprises don't force those external IT admins to use secure workstations when accessing their environment. Therefore, if an MSP IT admin gets hacked, the hacker gains access from the admin's laptop into sensitive.....Read More
MSPs and other types of outsourced IT pose a huge risk to enterprises. These external IT admins typically have very wide access into the crown jewels and infrastructure of their clients, including domain controllers, firewalls, endpoint management software, etc. In many cases, enterprises don't force those external IT admins to use secure workstations when accessing their environment. Therefore, if an MSP IT admin gets hacked, the hacker gains access from the admin's laptop into sensitive resources of all of the MSP's clients (via RDP/VPN, etc). Enterprises must mandate that their vendors use trusted secure workstations when connecting to their environment or they risk being the next Target.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.