Here is a real kick in the pants. Did you know that one of the most targeted types of businesses for hackers these days is a Managed Service Provider? Yes—that’s me. Aptica is a managed service provider or MSP company. “Join the club,” you say? “Boo-hoo for you,” you think? Well, yes, for sure to both of those—but—it’s also another cybersecurity headache for every business that runs computers.
By now most small to medium-sized businesses know that it’s more cost-effective to partner with an MSP than to budget for an in-house IT person (or persons.) MSPs are fiercely competitive, and to stay at the top of the game they must be the most current in all cybersecurity practices. Hackers have discovered, however, that while an MSP company may be selling their clients on the necessity of cutting-edge security, not all of them practice what they preach.
Hackers are raiding MSP companies, worming into that company’s clients’ networks, then locking all the data. The ransom notice follows quickly. They infiltrate MSP client networks by exploiting vulnerabilities in an IT services company that is responsible for such things as software updates, data backups, and cybersecurity. The responses to these incidents have been varied. Many MSPs do provide reliable support and data storage, but others have turned out to be understaffed and inexperienced. It’s the latter who have been unable to protect their own networks and systems and who may then be unable to help clients restore files. The cybercriminals make money by raiding and ransoming dozens of businesses and public agencies after initiating just the single attack on the MSP. Too often the compromised MSP and the captive clients spend their initial reaction time fighting over who will either pay the ransom or foot the bill for recovery costs.
I believe this topic should be discussed by every business that relies on an MSP for service and protection. You should know to ask about this. Has your MSP experienced any attempted hacks? Were they successful? What was the MSP response? What is the MSP’s response plan, should such an event happen? Do some checking before you contract for services, just like you would if you were retaining legal counsel or hiring a builder. Learn everything you can about a service and protection company. You need to be able to trust that provider to have your back. Don’t hesitate to ask what they are doing to protect themselves.
If you have questions about cybersecurity, Aptica is happy to discuss this key element to today’s successful business. We are constantly monitoring and learning about cyber threats as they appear and are then overcome. I think you will appreciate knowing more about how to stay safe.
Jason Newburg, 260.243.5100, ext 2101, is the founder and owner of Aptica LLC. This IT management and support company has been serving small to medium-sized businesses for 16 years in the region that includes Angola, South Bend, and Fort Wayne, IN, Battle Creek, MI, and Toledo OH.