Hackers Using Gandcrab Ransomware To Target MSPs

By ISBuzz Team
Writer, Information Security Buzz | Feb 18, 2019 03:08 pm PST

Hackers are leveraging a two-year-old flaw in a third-party plug-in to infect scores of companies with GandCrab ransomware through their managed service provider (MSP), according to Chris Bisnett at Huntress Labs.

Justin Jett, Director of Audit and Compliance at Plixer:

“One of the most dangerous risks to businesses is the technologies controlled or owned by third parties. Organizations must be vigilant by monitoring network traffic to and from business devices and assets. Malicious actors can only gain value from compromised devices if they have communication with that device. This means they have some external device used to communicate like a command-and-control setup. This allows them to leak data, but it also means they expose themselves to businesses that deploy network traffic analytics. While it is impossible to completely control supply chain vulnerabilities, by monitoring network traffic to devices to which vendors are granted access, businesses can identify anomalous behavior, report the problem to the vendors, and close security loopholes more quickly than if they wait to be informed by the vendor that there was a breach.”
