Story image

Indirect damage: Why service providers should care about customer security

11 Jan 17

This year witnessed the further spread of the disease we call ransomware. After seeing the profitability of this “revenue stream” in the consumer segment, cybercriminals are moving ever deeper into the business segment, looking for the most vulnerable victims.

Several cases of data encryption followed by extortion have been documented in a new sector, where vital services such as healthcare have been targeted in recent months. The infamous case of Hollywood Presbyterian hospital demonstrates how suffering a ransomware attack can cause direct financial losses – in this case $17,000 in BitCoins – as well as reputational damages.

After seeing the attack scenario repeat itself multiple times throughout 2016, it’s fair to assume that healthcare is only an initial interest of cybercriminals, and other business sectors will likely follow. According to FBI estimates, ransomware is on track to become a $1 billion a year criminal enterprise by the end of 2016.

However, ransomware is not the only cyberthreat businesses have to face today. Just recently, ESET reported on Retefe malware which targeted customers of various banks mostly in Switzerland, Austria, and the UK. By redirecting clients of these banks to fake or modified banking webpages, it attempted to harvest login credentials and misuse this information for malicious purposes.

Despite the fact that MSPs might not be first-line targets in such cases, they can take the hit indirectly as the providers and operators of IT services for banking or health care clients. All the potential losses and the burden of extensive IT support generated by a malware attack is theirs, and thus, their responsibility to solve.

Offering reliable security solutions from a respected security vendor can be the difference that helps MSPs and ISPs build their brand as responsible partners able to handle cyber security threats and reinforce a perception of expertise, as well as provide high quality services in the field.

Article by Ondrej Kuboič, welivesecurity analyst

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
How SMBs can use data to drive business outcomes
With the right technology, companies can capture consumer, sales, and expense data, and use it to evaluate and construct future plans.
Survey shows that IoT is RoI across Asia Pacific
A recent Frost & Sullivan survey across Australia, Hong Kong and Singapore shows that IoT deployment improves business metrics by around 12%.
IDC: Aussie spending on IT Services to hit $23.5B by 2023
the project-oriented market which is predicted to achieve the highest CAGR through to 2023; though no market is expected to decline
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.