MSPs present a ripe target for attackers


In the news, the Government have updated cyber laws to boost the UK’s resilience against online attacks.

The Government’s decision to update these regulations reflects how MSPs present a ripe target for attackers. As central points of cybersecurity management for lots of organisations – they provide a jumping off point for lateral movement inside a large number of environments. As we saw with Operation Cloudhopper – attackers were able to access MSP customers using seemingly legitimate credentials, before moving through the network to exfiltrate data.

While controls such as MFA on internal resources could technically help address attacks like this, regulation provides a necessary impetus to ensure MSPs act according to best practice.”