At the end of every year, it seems like every business takes a moment to ponder over what’s been accomplished in the past year, looking for ways to improve operations and increase revenue in the coming year. In my last blog, I looked back at the state of security in 2018 and how it affected MSPs. I’d like to take the opportunity in this article to do a bit of looking forward towards next year, focusing in on some security predictions that will change the way you offer security services.
If you aren’t yet offering security services to your clients (beyond simply including AV in your RMM offering), there’s much you should be doing: providing clients with a layered security offering that protects the network, endpoints, users, web, and email is a solid start. But, as we all know, the threat landscape is constantly changing, so it’s necessary to be watchful of how (and how quickly) your services need to equally change to remain effective.
In a recent webcast, NinjaOne teamed up with Webroot to discuss what’s changing and how it impacts your business. I’m going to cover a few of the more important predictions from this webcast, as I believe they are very relevant to the success of your business.
Prediction #1: MSPs Become a Target
Cybercriminals are increasing the sophistication of their campaigns beyond the simple ransomware infection. Instead, they are targeting industries with specific access to data and/or sources of money that they can compromise, infiltrate, perform recon within, and devise a monetization strategy. In the case of MSPs, you have access to dozens of clients – each with their own revenues. So, if you were a bad guy, would you try to target each of the client orgs or simply target the MSP who has admin access to all the client orgs?
When we’re hearing about attacks that involve infiltrating company A to setup a scam where company B is the victim tricked into sending company A money to a criminal-controlled bank account, it makes sense that these cybercriminals will be willing to use your access to steal from your clients.
Prediction #2: A Shift in Threats
The more prominent threat in 2018 was ransomware. It’s a simple business model, with lots of “as-a-service” dark web vendors out there offering some or all of the components making up a ransomware attack available to anyone. But, many security vendors are seeing the attack-of-choice change to bot-based attacks. In 2018 it was cryptomining – in which either installed or browser-based malware used a compromised endpoint’s processing power to mine cryptocurrency. In 2019, I expect to see other uses of this kind of misuse of your client’s endpoints. For example, we’ve also seen 1.7 million endpoints used as part of an online advertising fraud scam that raked in $29M!
Now, these kinds of attacks may not seem like much of a threat, as the most they’re doing to your client is taking up CPU/GPU cycles and increasing the utility bill a bit. But remember, that’s malware on your client’s endpoint – it would make sense to me if I had admin access to an endpoint that I may want to sell that access on the dark web as another means of revenue. So, even if bot-based attacks don’t sound scary, they are the entre to more malicious actions.
Prediction #3: Too Many Attack Vectors to do it Yourself
2019 is going to continue the trends of 2018 with a growth in number of cybercriminal organizations, sophistication and frequency of attacks, and more detailed targeting of companies and verticals. So, the idea of a single MSP being able to keep up is simply not realistic.
MSPs that wish to remain effective in the fight against the changing face of attacks need to be looking for ways to leverage machine learning-based solutions that continually morph as threats evolve. Specifically using solutions that leverage threat and behavior data from a vendor’s millions of endpoints under management makes sense – this way your client benefits with updates that originated from an endpoint halfway around the world who was the first to see a zero-day attack.
2019: Security is the Name of the MSP Game
There’s money to be made with solid offerings, and money to be lost, should you choose to ignore the trends. Whether you’re just getting started with a security offering, or have something in place that needs to mature, now (literally today, this week, anything but putting it off) is the time to augment your offering’s security strategy to protect your clients – and yourself – against the changing face of cyberattack in 2019.
To hear more about the predictions for 2019 that impact your MSP business, watch the webinar recording 2019 Predictions: The Impact of Security on an MSP’s Business.