In the world of cybersecurity, the threat landscape is evolving with alarming speed and complexity. Hackers are continually developing new strategies to bypass traditional security defenses, often remaining undetected for prolonged periods. This has resulted in significant breaches at companies that provide essential software and services to Managed Service Providers (MSPs), with profound consequences for the MSP community and their clients. This article explores these breaches, their impacts, and how businesses can respond effectively.
Understanding the Breach Dynamics
Hackers have adeptly exploited vulnerabilities in network and cloud environments, targeting companies and software integral to the MSP ecosystem. Firms like Ivanti, Connectwise, Ipswitch (MOVEit), Kaseya, Microsoft and SolarWinds have all fallen prey to sophisticated cyber-attacks. This poses a significant threat to MSPs and their customers. These breaches are not just incidental; they are part of a calculated assault on the very tools MSPs use to manage and protect customer IT environments. The fallout from some of these attacks:
- Ivanti: Ivanti Connect Secure (CS) and Ivanti Policy Secure (PS) – CVE-2023-46805 and CVE-2024-21887. Notable breaches
- U.S. cybersecurity agency CISA
- The Norwegian Security and Service Organization (DSS)
- Connectwise: CVSS score of 10, CVE-2024-1709CVE-2024-1708
- UnitedHealth’s Change Healthcare massive breach – $1.6 billion
- Multiple U.S. Federal Agencies