Hysolate Comments On Hackers Aiming For The Biggest Enterprise Targets

Hackers are targeting MSPs in an effort to infiltrate a large audience all at once without being detected as they hit targets upstream. Synoptek, a California Managed IT Services Provider,  was one example of an MSP who got hit with ransomware and paid the ransom to get back online.

 

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Tal Zamir
Tal Zamir , Founder and CTO
InfoSec Expert
January 22, 2020 12:10 pm

MSPs and other types of outsourced IT pose a huge risk to enterprises. These external IT admins typically have very wide access into the crown jewels and infrastructure of their clients, including domain controllers, firewalls, endpoint management software, etc. In many cases, enterprises don\’t force those external IT admins to use secure workstations when accessing their environment. Therefore, if an MSP IT admin gets hacked, the hacker gains access from the admin\’s laptop into sensitive resources of all of the MSP\’s clients (via RDP/VPN, etc). Enterprises must mandate that their vendors use trusted secure workstations when connecting to their environment or they risk being the next Target.

Last edited 2 years ago by Tal Zamir
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x