CYBER NEWS

13 Managed Service Providers Hit by Ransomware in 2019




According to a new Armor report, at least 13 managed service providers (MSPs) have been attacked by ransomware.

Due to the nature of an MSP company, attacks on their infrastructure usually have many negative outcomes. A managed service provider manages the IT infrastructure of other businesses via remote administration tools. There are many reasons businesses decide to hire an MSP, such as cutting down on expenses for system administrators.

In order to rely on the services of an MSP, the company should install the MSP’s software, thus allowing remote access to the company’s network. This could create a liability, and as visible by the numbers of compromised MSPs, hackers have found a way to exploit this business model.

This year there have been several attacks on managed service providers. Armor was able to identify 6 new MSPs and/or cloud-based service providers that were compromised by ransomware. Earlier this year, the threat intelligence firm uncovered 9 other attacks, totaling the number of MSP ransomware victims in 2019 to 13.

Related:
Some vulnerabilities are more common in ransomware attacks, so let's see which are the most common ones used across multiple families.
Vulnerabilities Ransomware Uses in Enterprise Attacks

Ransomware attacks against MSPs a common thing

Let’s take a look at the attack against SchoolinSites, a provider of cloud-based education solutions to schools. The company was hit by ransomware that shut down all means of communication, including phones, email, HelpDesk as well as many of the schools’ websites, Armor said.

One of SchoolinSites’ customers which was affected by ransomware was the Mobile, Alabama County Public School System whose website went down the weekend of September 23. As a result, parents were unable to access the website to get information about their children’s educational progress. However, the issue was limited to the external website, which was provided by SchoolinSites as a third-party vendor.

Ransomware also hit MetroList, “a California-based company that provides multiple listing services and computer services to 20,000 real estate brokers and agents. They got hit by ransomware in June, and they are reported to have paid a .$10,000 insurance deductible towards an undisclosed ransom payment. MetroList’s systems were down for two days,” the report highlighter.

In conclusion, a ransomware attack against an MSP can be quite devastating and could put an MSP out of business. In fact, this very thing happened to PM Consultants, an Oregon-based IT consulting and IT support provider to dental practices. After the ransomware attack in early July, the company had to shut their business down, due to the destructive event.

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...