News Feature | May 18, 2017

Why Cyber Criminals Have Their Sights Set On MSPs And What You Can Do About It

Source: The ASCII Group

Capping off a security-focused day at the ASCII Success Summit — Columbus held May 17 to 18 at the Sheraton Columbus Hotel at Capitol Square, Carvir CEO, CISSP Jay Ryerse spoke about all things security — including the WannaCry ransomware attack.

Ryerse recapped WannaCry, touching on how it spread so quickly and why traditional measure didn’t stop it, but the majority of his presentation centered on five questions you must answer before the next attack and security steps you should take immediately to prepare for the next attack — including those against your business.

Feels Like The First Time
Ryerse recalled the first time he received a call from a client that had been the victim of a ransomware attack, saying, “I had no idea what it was.” That’s why he developed five critical questions every MSP must be able to answer before ransomware, hackers, and viruses breach a client’s network. This are

  1. Don’t you (the MSP) protect us from this?
  2. How did this happen?
  3. What about the firewall and anti-virus programs you sold us?
  4. What data did they get?
  5. How do we keep this from happening again

“Knowing the answers to these questions before they get asked,” Ryerse advises, “will go a long way to helping you stay in business.” They are also questions you will most likely be asked soon, if you haven’t already says Ryerse.

“Four or five IT service providers are reaching out to us every week, asking for assistance because they have a client who was hacked,” Ryerse says. “Nine different IT service providers have been hacked or breached since the end of March alone.”

In order to prepare for the influx of incoming calls, Ryerse advises asking your team:

  • Send you a list of all clients that have RDS open to their network, regardless of whether or not they changed their listening port, and does your MSP have RDS open?
  • What is the current patch status of all clients listed from least patched to most patched?
  • What are you doing to prevent ransomware, file-less exploits, and memory-based malware attacks for your business and for your clients and the future ad does it have forensic visibility to diagnose a threat and potential document loss?

Why Does This Matter?
More than four billions records were exposed in 2016, and the managed security services market is expected to reach $34 billion by 2021. But more importantly, according to Ryerse, is 83 percent of businesses plan to or are already partnering with a managed security provider, creating a great source for future growth.

“The biggest target for future attacks are MSPs,” Ryerse says. Why? “Attacks are now conducted against managed IT service providers used as intermediaries for hackers to get their hands on their target’s corporate assets and trade secrets.”

These attacks have already impacted organizations in North America, Europe, South America, and Asia — and most recently MSPs in the U.K., U.S., Japan, Canada, Brazil, France, Switzerland, Norway, Finland, Sweden, South Africa, India, Thailand, South Korea, and Australia.

“If they take you down, how can you deliver to your clients,” asked Ryerse.

The ASCII Success Summit — Columbus is being held May 17 to 18 at the Sheraton Columbus Hotel at Capitol Square. It is one of nine solution provider-focused conferences ASCII is hosting in North America in 2017. For more information on ASCII, go to