2021 was an extraordinary year for the cybersecurity landscape. The increased activity of bad actors, private and state-funded, forced interventions from cross-governmental organizations and private sector giants alike, all simply to stem the tide. in 2021 alone, over 700 million attempted ransomware attacks were perpetrated. Amid all this, a new preferred target has been identified – Managed Service Providers (MSPs).
In April of this year, ConnectWise’s 2022 MSP Threat Report was released with several staggering insights for major players in the industry. MSPs have been highlighted as primary targets for their exposure and liability.
As MSPs provide intricate services that require tonnes of data from many different clients and partners, they don’t have the luxury of only protecting their own interests. In an era where hacker groups are more sophisticated than ever, and conflict threatens to further incentivise state-funded cyber terrorism, it’s imperative to strategise for worst case scenarios.
A Shift in Ransom Strategy
While it’s common knowledge for cybersecurity experts that the threat of cyber-attacks is increasing exponentially, the extent to which bad actors have escalated their operations has also been a blight on society at large. From the Colonial Pipeline incident in May 2021 that caused major gas shortages on the US East Coast, to Russian state-sponsored hacker Nobelium, last year saw the landscape shift. The money being extorted through ransomware attacks was following a similar upward trajectory. By August 2021, Accenture and Acer had each been hit with $50 million ransoms. .
While hackers and bad actors made short-term gains from these notorious attacks, the increased attention they have drawn to themselves could result in these criminals shifting focus to stay out of the limelight. ConnectWise suggests that critical infrastructure, for instance, could be at less risk than small-to-medium businesses (SMBs) because of the reduced exposure SME breaches present.
Fighting the Good Fight
The good news for MSPs and the broader community in general is that governments and private entities alike have been taking the fight to hacking groups more and more. 2021 saw many infamous groups disband, disappear, or be disassembled by cybercrime taskforces. These taskforces have been granted immense resources recently, thanks to government investment following greater focus in the press and in the public sphere. Many analysts predict that collaboration between public and private spheres when tackling cybercrime will be come the norm, given that companies and governments are more at risk than ever.
Increased spending on taskforces, cross-governmental collaboration, and the broad interest in skill specificity are on the up, with reports suggesting that the cybercrime field could see a massive 28% expansion in personnel between 2016 – 2026 in the US alone.
Ransomware attacks themselves experienced a 148% surge between 2020 and 2021, and of the 500 cybersecurity incidents tracked by ConnectWise’s Cyber Research Unit (CRU), a full 40% of them were ransomware.
Tracked MSP Threat Escalation
The not-so-good news for MSPs specifically is that they have been made a target. As super-MSPs become more common, so does the concentration of liability under a single roof, so to speak. It is the nature of technological partnerships and as-a-service clients to have shared information so that they can provide their solutions to the best of their ability. This does, however, mean that immense trust is placed in service and solution providers. This is especially relevant for ransomware. Ransomware attacks themselves experienced a 148% surge between 2020 and 2021, and of the 500 cybersecurity incidents tracked by ConnectWise’s Cyber Research Unit (CRU), a full 40% of them were ransomware. According to data collected by the CRU, MSPs were the target of 39% of ransomware attacks in 2021. The next highest? Healthcare at 12%.
The proportion of ransomware targeting MSPs by quarter shows how much the game is changing.
Q1
Q2
Q3
Q4
On the Cybersecurity Horizon
Cybercrime has become one of the main frontiers in the war for information, for quick financial gain, and even the war for geo-political domination. The war between Russia and Ukraine has brought the threat posed by state-backed bad actors into full focus, with the head of the UK’s Government Communications Headquarters (GCHQ) declaring that Russian hackers are targeting Ukraine’s allies.
With data breaches occurring at household names like Microsoft, Crypto.com, News Corp and even the Red Cross in 2022 already, there is no choice but to react in kind with investment and proactive anti-cybercrime initiatives. As organisations and governments band together to reduce risk and threat, we must all heed the (paraphrased) words of CEO.digital show guest and cybersecurity expert, Aparna Rayasam: One of the biggest weapons security experts must have is acknowledging hackers as sophisticated businesspeople.
