Story image

Indirect damage: Why service providers should care about customer security

11 Jan 2017

This year witnessed the further spread of the disease we call ransomware. After seeing the profitability of this “revenue stream” in the consumer segment, cybercriminals are moving ever deeper into the business segment, looking for the most vulnerable victims.

Several cases of data encryption followed by extortion have been documented in a new sector, where vital services such as healthcare have been targeted in recent months. The infamous case of Hollywood Presbyterian hospital demonstrates how suffering a ransomware attack can cause direct financial losses – in this case $17,000 in BitCoins – as well as reputational damages.

After seeing the attack scenario repeat itself multiple times throughout 2016, it’s fair to assume that healthcare is only an initial interest of cybercriminals, and other business sectors will likely follow. According to FBI estimates, ransomware is on track to become a $1 billion a year criminal enterprise by the end of 2016.

However, ransomware is not the only cyberthreat businesses have to face today. Just recently, ESET reported on Retefe malware which targeted customers of various banks mostly in Switzerland, Austria, and the UK. By redirecting clients of these banks to fake or modified banking webpages, it attempted to harvest login credentials and misuse this information for malicious purposes.

Despite the fact that MSPs might not be first-line targets in such cases, they can take the hit indirectly as the providers and operators of IT services for banking or health care clients. All the potential losses and the burden of extensive IT support generated by a malware attack is theirs, and thus, their responsibility to solve.

Offering reliable security solutions from a respected security vendor can be the difference that helps MSPs and ISPs build their brand as responsible partners able to handle cyber security threats and reinforce a perception of expertise, as well as provide high quality services in the field.

Article by Ondrej Kuboič, welivesecurity analyst

Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.
Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Ingram launches CRM backup on cloud marketplace
AvePoint Cloud Backup for Dynamics 365 is a multi-tenant solution, designed with specific features to enable channel partners and MSPs.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
Nuix eyes legal sector as eDiscovery demand skyrockets
eDiscovery must encompass so much more than email and documents. If you haven’t looked at text messages and online chats, digital images, mobile devices, data in the cloud and social media, you’re not getting the whole story.