Cyber Defense eMagazine December 2019
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Cyber Defense eMagazine January Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group with Pierluigi Paganini, Yan Ross as International and US Editors-in-Chief and many more hard working amazing contributors!
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
106<br />
The Threat Lab team also analyzed an MSP attack that targeted a specific piece of IT management<br />
software. In this attack, the perpetrator leveraged weak, stolen or leaked credentials to gain<br />
administrative access to the MSP’s copy of this management tool. From there, the attackers targeted<br />
exposed remote management services. Once in, they exploited the MSPs’ own tools to infect their<br />
customer base. Based on this and other MSP attacks from Q2 and Q1 <strong>2019</strong>, it is clear attackers are<br />
specifically targeting MSPs to reach their customer bases. This attack could have been prevented with<br />
better password security (since the attacker leveraged a legitimate admin password), user training or use<br />
of multi-factor authentication.<br />
What Are Some Key Lessons From Q2’19?<br />
In summary, no target is too small. It’s no longer a matter of “if,” but “when” a target will get hacked.<br />
Remember, many attacks can be thwarted simply by deploying authentication and MFA solutions<br />
(specifically, MSPs should be hardening their management tools with MFA). Furthermore, due to the<br />
increased sophistication of ransomware attacks, backup solutions should be mandatory. And don’t simply<br />
create backups – test and verify them. As an extra precaution, use URL and domain filtering services to<br />
help defang malicious links. Above all, implement effective user training to help employees recognize<br />
and respond to phishing and ransomware attacks. The stakes are higher than ever before, and user<br />
training should be at the forefront of any organization’s standard operating procedure.<br />
About the Author<br />
Emil Hozan is a Security Analyst at WatchGuard Technologies, focused on<br />
network security. Emil’s responsibilities include quantifying threat data for<br />
WatchGuard’s quarterly Internet Security Report, contributing to<br />
WatchGuard’s security blog Secplicity, analyzing trends in network and<br />
malware attacks, sandboxing and testing new products and exploits, and<br />
reverse engineering malware samples<br />
Emil can be reached online at https://www.secplicity.org/author/ehozan/ and<br />
at our company website https://www.watchguard.com/.