Sensitive and confidential data are of huge value to cyber criminals, and privileged user credentials are the gateway to these prized assets.
As more and more sophisticated cyber security measure are implemented, threat actors have looked for other vulnerabilities and found that privileged users can be a simple way to access an organizations’ systems and data.
MSPs offer the threat actor the biggest bang for their buck. Rather than directly attacking privileged users at their primary target organization, threat actors are realizing that MSPs are the cream of privileged users as they can be an easy route into numerous companies instead of just one. The threat actor can then spend weeks searching the MSP and its customers’ networks undetected, identifying the most valuable assets in order to maximize potential damage to the victim, and maximum ROI for themselves.
As an example, in a much-documented December 2019 case, an ‘affiliate’ of Sodinokibi (which offers ransomware-as-a-service) breached LogicalNet’s servers and installed a ransomware virus that infected its customers. Albany County Airport was one of the customers affected and, after paying a hefty ransom, ended its relationship with LogicalNet.
‘Is this really an issue for my organization’ I hear you ask? The answer is yes it is! It’s easy to think that a privileged user breach will happen to someone else but the threat is all too real.
80% of Security Breaches Involve Privileged Credentials
In order to do their job your technicians have access to the internal systems and networks of multiple companies, which makes your organization a target.
Imagine the impact if a threat actor breached your systems in order to access the privileged credentials your technicians use. It could do untold damage to your revenue, customer retention, and reputation!
But the threat isn’t always external. Verizon’s 2019 Data Breach Investigations Report found that 34% of breaches involved internal actors.
As an example, in January 2020 an employee of a Managed Service Provider, Marquavious D. Britt, was charged with Computer Fraud and Abuse as well as Access Device Fraud. Britt is alleged to have used his job as a systems engineer to steal credentials that could be used to gain access to the MSP's internal systems, and then tried to sell them on the dark web for just $600.
Whichever way you look at it, protecting privileged user access to your customers’ systems is key. So how can you ensure you have secure remote access to your customers’ networks, while at the same time reassuring them that their systems are safe in your hands? Fortunately there’s an easy way - start implementing our 8 Top Tips today!
About Netgard Privileged Gateway
Netgard Privileged Gateway from ION Networks is an affordable, scalable, highly flexible way to remotely access, control and manage critical voice and data services for ALL your customers using just one tool.
Netgard Privileged Gateway:
- Protects you and your customer against privileged user security breaches
- Enables secure, quick and easy access to your customer’s system using customer-agreed rules
- Eliminates the barriers to service delivery, giving your customers the 24/7 service and availability they demand.
- Allows you to increase your revenue by delivering a broader range of services.
Netgard Privileged Gateway is part of ION Networks, who’ve been trusted to solve secure access challenges for government and military agencies, and corporate enterprises for over 30 years.