Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security United States

US Secret Service Reports an Increase in Hacked Managed Service Providers (zdnet.com) 29

The US Secret Service sent out a security alert last month to the US private sector and government organizations warning about an increase in hacks of managed service providers (MSPs). From a report: MSPs provide remote management software for companies. MSPs can be simple services like file-sharing systems to complete solutions that manage a customer's entire computer fleet. Most MSP services are built around a server-client software architecture. The server part can be remotely hosted with the MSP inside a clout infrastructure, or installed on-premise with the client. Usually, getting access to the server component of an MSP grants an attacker full control of all software clients. In a security alert sent out on June 12, Secret Service officials said their investigations team (GIOC -- Global Investigations Operations Center) has been seeing an increase in incidents where hackers breach MSP solutions and use them as a springboard into the internal networks of the MSP's customers. Secret Service officials said they've been seeing threat actors use hacked MSPs to carry out attacks against point-of-sale systems, to perform business email compromise (BEC) scams, and to deploy ransomware.
This discussion has been archived. No new comments can be posted.

US Secret Service Reports an Increase in Hacked Managed Service Providers

Comments Filter:
  • or you can hack the Hvac subcontractor to get it

  • by account_deleted ( 4530225 ) on Monday July 06, 2020 @12:54PM (#60268038)
    Comment removed based on user account deletion
    • In most states, haircuts are regulated more heavily than technology providers. In my state, there's no licensing process.

      • by JeffSh ( 71237 )

        oh you think licenses are to protect the public. no, licenses are to create barriers to the market place or in the case of haircutting, a training requirement that people have to go through ($$ to the haircut schools)

        • There really should be barriers to the market place. On anything where screwing up due to inexperience is a huge danger.

      • If I need to have licensing then I want an union!

  • by MooseTick ( 895855 ) on Monday July 06, 2020 @01:28PM (#60268198) Homepage

    No shock. More and more companies are moving data to the "cloud". That makes "cloud" providers much more interesting to hackers, thieves, nation states, etc.

    • The cloud is just someone else's computer. And who owns that computer can change at a moment's notice.

  • Things cloud are subject to hackers and hackers have been hacking. Be scared!

    For real though, why isn't there ever anything specific mentioned, like oh I don't know, the actual fucking MSPs that have been compromised?

    • There is a link in the article to ~13 MSPs that were hacked in 2019.

      • You're correct. Please mod parent up.

        Here's the list:

        Apex Human Capital Management
        Payroll services
        CloudJumper
        IT services
        IT By Design
        IT services
        MetroList
        Real estate brokers
        CorVel
        Work & healthcare
        PM Consultants
        Dental services
        iNSYNQ
        Accounting
        TSM Consulting
        IT services
        PerCSoft

  • by aaarrrgggh ( 9205 ) on Monday July 06, 2020 @01:59PM (#60268328)

    Any good ideas on how to manage the threats for remote management tools, since the Secret Service “best practices” are pretty worthless? Our IT consultant uses Team Viewer for desktop support and server management. I can firewall it off with DPI, but that most likely will end up closing the barn door after the horses escaped. I haven’t found good ways to monitor the use either... and when computers are outside our network it would be easy enough for a more persistant/robust connection to be enabled.

    • Comment removed based on user account deletion
      • For us, we keep control of the network (and phones) and the MSP deals with Windows environment. It was the most practical approach on our end. They claim they use 2FA for all their tools, and are going to document everything for us... but I wonder how companies that don’t have any internal respurces deal with it.

        Our MSP seems to think a 2-day outage is not a big deal unfortunately. Getting a higher level of service at 50 person company level is hard though.

  • The server part can be remotely hosted with the MSP inside a clout infrastructure, or installed on-premise with the client.

    It was only a matter of time

  • The article says dozens of MSP were hacked but the article doesn't say who and only provides a link to an older article of 13 hacks in 2019.

    What's the point of this "news" if the one critical piece of information important to customers/users isn't there?

  • A lot of MSPs are very good at marketing, but very bad at providing skilled IT professionals.

    Many MSPs remind me of an old commercial that showed cell phone marketers climbing cell phone towers because the company only had marketers, but no cell service techs.

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...