According to a new Armor report, at least 13 managed service providers (MSPs) have been attacked by ransomware.
Due to the nature of an MSP company, attacks on their infrastructure usually have many negative outcomes. A managed service provider manages the IT infrastructure of other businesses via remote administration tools. There are many reasons businesses decide to hire an MSP, such as cutting down on expenses for system administrators.
In order to rely on the services of an MSP, the company should install the MSP’s software, thus allowing remote access to the company’s network. This could create a liability, and as visible by the numbers of compromised MSPs, hackers have found a way to exploit this business model.
This year there have been several attacks on managed service providers. Armor was able to identify 6 new MSPs and/or cloud-based service providers that were compromised by ransomware. Earlier this year, the threat intelligence firm uncovered 9 other attacks, totaling the number of MSP ransomware victims in 2019 to 13.
Ransomware attacks against MSPs a common thing
Let’s take a look at the attack against SchoolinSites, a provider of cloud-based education solutions to schools. The company was hit by ransomware that shut down all means of communication, including phones, email, HelpDesk as well as many of the schools’ websites, Armor said.
One of SchoolinSites’ customers which was affected by ransomware was the Mobile, Alabama County Public School System whose website went down the weekend of September 23. As a result, parents were unable to access the website to get information about their children’s educational progress. However, the issue was limited to the external website, which was provided by SchoolinSites as a third-party vendor.
Ransomware also hit MetroList, “a California-based company that provides multiple listing services and computer services to 20,000 real estate brokers and agents. They got hit by ransomware in June, and they are reported to have paid a .$10,000 insurance deductible towards an undisclosed ransom payment. MetroList’s systems were down for two days,” the report highlighter.
In conclusion, a ransomware attack against an MSP can be quite devastating and could put an MSP out of business. In fact, this very thing happened to PM Consultants, an Oregon-based IT consulting and IT support provider to dental practices. After the ransomware attack in early July, the company had to shut their business down, due to the destructive event.