Are Hackers Hiding Behind Your MSP?
Managing your own IT can be a time-intensive and unrewarding task, and when your business requires maximum focus it’s a hindrance to have to constantly check on the health of your network, your hardware, and your cyber security. Small wonder then, that the first thing that most business owners do when things start to get busier is to retain a Managed Service Provider (MSP) to take care of things for them. Handing over your IT to a support provider can be wonderfully liberating, and should you be paying for all the bells and whistles, you can rest easy that your network is solid, protected from all the cyber-nasties out there wanting to get hold of your valuable data. Right?
Well, Maybe Not.
It’s worth remembering that MSP’s are businesses themselves, and they should by rights be making sure that they are doing as good (or better) of a job protecting their own systems and networks as they do yours. After all, these are the guys to whom you’ve just handed the keys to your (and your customer’s) digital kingdom, so it’s best to make sure their vaults don’t open on both sides as it were. Sadly, many MSP’s can be guilty of trying to maximise their margins by managing your network with cheap – and sometimes wildly inappropriate – software, data storage, or remote management systems. If you have a managed network, it’s worth checking with your current or future MSP whether they are running potentially vulnerable management software, as this could leave you wide open to a cyberattack if they are not secure.
Vulnerable… What?!?
RMM (Remote Monitoring and Management) platforms are cloud-based systems that allow MSPs and IT admins to sign into an account and monitor or control entire networks of endpoints running remote agent software all from a central cloud dashboard. For just one MSP, this could be several hundred customer networks, running thousands of machines. All those businesses under your control… it’s a great deal of responsibility, so you only give your network into the care of those that are competent enough to take care of it properly. Sadly, it’s sometimes not enough to take an MSPs’ competence at face value, as however hard they try, their RMM (or another mission-critical software or hardware solution) may not be as secure as they, and by extension you, might think.
In the case of one major platform provider, SolarWinds, there have been massive breaches and zero-day attacks on their Orion IT management suite, first in 2020, and in July of this year, potentially exposing huge numbers of MSPs worldwide to cyberattack. In the July hack, likely perpetrated by a group of Chinese hackers dubbed ‘Spiral’, there was a vulnerability in the platforms file-sharing application, which resulted in the hackers being able to gain access to machines and networks connected to the platform.
Does It All Check Out?
It's vital to do your research, and there is always a very strict routine to follow when retaining the services of a platform provider, especially if you are responsible for other people’s networks in addition to your own. You should always check that the platform is certified for use on the networks and systems you will be using it on, that the provider has a strict, definitive, and above all, regular policy of applying updates, that their platform supports Multi-Factor Authentication, and if their platforms are notorious for being vulnerable or having significant outage. This should help keep the number of unauthorised access attempts to your, or your customers’, networks to zero.
Our Promise
We would just like to reassure all our customers – past, present and future – that Pearce IT uses no software or management systems provided by SolarWinds, and that we only touch your network with the most stringently tested and approved software and Remote Management and Monitoring systems.
We take the security of our clients very seriously, so if you’re looking for a strong partner to help you to protect your network, please get in touch with us today.