Is Your MSP/MSSP Protecting You from Supply Chain Attacks?

In case you missed it, on December 19, 2021 global IT consulting firm Inetum Group suffered a ransomware attack. The attack impacted internal operations in France but did not impact Inetum’s operations outside of the country, according to a statement from the company.

While it seems like bad news on the surface, Inetum’s cyberattack is actually a success story. Among other details of the attack, Inetum disclosed that the isolated event:

  • Did not affect any of the main infrastructures, communication, collaboration tools or delivery operations for Inetum clients
  • Within the affected Inetum perimeter, all servers have been isolated and client VPNs have been switched off

What does this mean in laymen’s terms? The cyberattack did not extend from the MSP’s servers to downstream customers. In other words, the external cybersecurity framework and protective tools in place by Inetum protected its customers from a supply chain cyberattack.

Why the External Protections of MSPs and MSSPs Matter

Managed services providers have become frequent and valued targets of cybercriminals (see the recent Kaseya breach for an example). From an attacker’s standpoint, compromising the network of a singular enterprise may provide a modest return in the form of ransom and extortion payments. But compromising the network of an MSP or MSSP, and, by extension, all its clients, may increase that return exponentially.

For this reason, one of the first things you should look for in an MSP or MSSP is that it has robust external cybersecurity protections to protect its Remote Monitoring and Management (RMM) platform from attack. An RMM is what allows the MSP/MSSP to control its customers’ IT systems (such as network devices, desktops, servers and mobile devices) by means of locally installed agents. The RMM also allows MSPs and MSSPs to install new or updated software remotely, detect new devices and automatically install the RMM agent, and provide alerts and reports of activity across all the managed servers and devices.

Because an RMM platform extends an MSP/MSSP’s scope of control to the networks of all of its clients, this platform needs to be protected in the event of a cyberattack to maintain the integrity of clients’ data.

Choose an MSP or MSSP with Strong External Cyber Protections

While a robust cybersecurity framework and mature cyber policies can protect organizations from cyberattacks, there is no magic bullet when it comes to cybersecurity. Security incidents can still happen. But in the case of an incident or event, MSPs and MSSPs should have protections in place to prevent their RMMs, and by extension, their clients, from being compromised.

At Corsica Technologies, we employ web application firewalls (WAF) and anti-distributed denial of service (anti-DDoS) controls to protect our platforms and our clients’ data from attacks.

The WAF decrypts incoming traffic from the internet and filters it through a comprehensive set of Intrusion Prevention System (IPS) inspections that are designed to detect and block web-based attacks. This inspection happens before traffic ever reaches Corsica Technologies’ RMM platform.

Another popular attack in the cybercriminal’s arsenal is DDoS, in which an untenable volume of network traffic is directed at a targeted system. The goal of such an attack is to overwhelm the targeted system and make it unusable. If the Corsica Technologies RMM server were targeted by a DDoS attack, our anti-DDoS control will intercept and drop the offending traffic before it reaches our RMM, thereby preserving the availability and security of this critical resource.

Ransomware and supply chain attacks are showing no signs of stopping. If you haven’t yet, now is the perfect time to sit down and look at the external cyber protections used by your MSP/MSSP to make sure that it is adequately protecting your organization against cyberattack.

Interested in learning more about cybersecurity protections and services from Corsica Technologies? Check out our cybersecurity offerings and get started on a posture review here.

Corsica Technologies
Corsica provides personalized service and a virtual CIO (vCIO) who serves as a strategic advisor. When it comes to the complex integration of solutions for IT and cybersecurity, the whole is greater than the sum of its parts. We offer cybersecurity solutions, managed services, digital transformation, resale services, and one-off technology projects. Corsica unifies any combination of these services into a complete, seamless solution.

Related Reads

MDM vs. MAM: Which one is right for you? - Corsica Technologies

MDM vs. MAM: Which One Is Right For You?

How should you handle mobile devices that have access to company data and systems? This is a crucial question for today’s on-the-go, hybrid workforce. Maybe you give your team company-owned mobile devices. Or perhaps your employees find it more convenient

Read more
Managed Network Services - Everything You Need to Know - Corsica Technologies

Managed Network Services: Everything You Need To Know

For overworked IT teams, managed network services are a lifesaver. Rather than monitoring network logs, troubleshooting switches, and working overtime to mitigate vulnerabilities, you can engage a trusted partner to manage your network for you. But not all providers are

Read more

Sign Up For Our Newsletter

Stay up-to-date on the Managed Services and Cybersecurity landscape, and be the first to find out about events and special offers.