Skip to content

How Does a Cyber Attack Affect an MSP and Its Clients?

Posted by Trevagh Stankard on Tue, Sep 7th, 2021

Cyberattacks can have a critical impact on an MSP and its clients, discover the full breakdown of effects in this article.

It’s a great time to be a managed service provider (MSP).  The pandemic has driven many organizations to partner with an MSP.  According to NTT’s 2021 global managed services survey, 38 percent of companies today utilize a third party to manage at least half of their IT needs.  That compares with 25 percent just a year earlier.  This growing prominence of MSPs today make them a growing target for hackers as well.  All of this begs a question, how does a cyberattack affect an MSP and its clients?

Leveraging MSP Attacks

It’s a pertinent question when we consider the disruption to MSPs and their clients from a cyberattack. the world over caused by the Kaseya attack earlier this summer in which 60 or so MSPs that used their product were attacked.  It was a classic example of a supply chain ransomware attack as 1,500 customers fell victim.  Once the attack was confirmed, MSPs were forced to put boots on the ground to ensure that their clients weren’t compromised.  This ability to leverage a single attack in order to compromise many is the primary appeal for cybercriminals to target MSPs. 

MSP Data

The larger the MSP, the larger the deposit of third-party sensitive data they possess.  This is another reason why hackers are seeing value in targeting them.  Large MSPs host a great deal of customer data including contact and payment information that can be used in other malicious endeavors such as phishing attacks.  MSPs must perform their due diligence to protect themselves from data breaches in the same manner as any company hosting third-party data.

Loss of Services

Kaseya, Datto, Connectwise are all remote monitoring and management tools (RMMs).  They are used by MSPs to do things such as remotely deploy patches and updates and stay informed of what is happening to a customer’s managed devices.  If a cybercriminal is able to bring down an MSP’s access to their RMM solution, then they are unable to perform their most basic functions as an MSP as they essentially lose control of client applications and systems.  Without visibility into their clients’ networks hackers can infiltrate their machines undetected.  A potentially greater risk would be for a hacker to actually gain control of MSP management systems, giving them dominion over the clients’ networks, servers and devices. 

Reputation and Compliance

For an MSP, reputation is everything.  After all, why would a business hand over their cybersecurity needs to an MSP that can’t even protect itself?  Because they aren’t in the break-fix business, MSPs are selling the benefits of having an ensured predictable and reliable workload and desktop experience for their customers.  Once the reputation of an MSP is tarnished, it is tough to win it back.   According to a survey conducted in 2020, 97 percent of MSPs that experienced a ransomware attack experienced some level of customer attrition.  Thirteen percent reported a rate as high as 50 percent or greater.

And then there is the issue of compliancy.  The jurisdictions of compliancy regulations such as GDPR and the California Consumer Privacy Act run far beyond the borders of the government bodies that created them.  Although these regulatory sets may have been implemented thousands of miles away, MSPs can find themselves responsible for hefty fines for non compliancy issues that may have contributed to a cybersecurity incident.

Types of Attacks

The email boxes of MSPs are under siege by phishing attacks the same way that every organization is.  The goal is the same.  Convince a user to click on a link or attachment so that hackers can then download their malicious code and set up shop.  It only takes a simple mouse click to either destroy one’s reputation or infect dozens of customers.  Distributed denial of service (DDoS) attacks are also frequently launched against MSPs as attackers utilize their achieved leverage to bring down multiple enterprises at once.

MSPs need to take action to protect themselves from these attacks.  If they don’t, they risk losing customers—and potentially compromising their own businesses.  MSPs that effectively manage these threats will be at a significant advantage. Not only will they have their house in order, they can also rapidly grow their business by helping customers combat these attacks.

TitanHQ, leading cybersecurity vendor provides advanced cybersecurity solutions for MSPs. Learn more about the TitanShield MSP Program to discover how we can protect your business and clients. Learn more today.

MSP cyber attacks

Related Articles

Never Miss a Blog Post

Sign-up for email updates...

Get Your 14 Day Free Trial

Talk to Our Email and DNS Security Team

Call us on US +1 813 304 2544

Contact Us