MSP Alert: Chinese Hacking Group, Volt Typhoon, Targets SMBs

In recent months, the FBI and Department of Justice issued warnings about a Chinese hacking group called Volt Typhoon targeting critical infrastructure in the United States – including water treatment plants, the electric grid, and transportation systems. While the FBI and DOJ were able to stop this particular operation, they warn that Chinese cyberattacks are a growing threat and that small businesses are a prime target – a danger that managed service providers (MSPs) should heed.

“China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.” – FBI Director Christopher Wray on 1/31/2024

In an attempt to spread malware, Chinese hackers took control of a botnet of hundreds of unsupported and unprotected US-based small office routers, ISPs, and cloud providers. And this is during a relatively peaceful time.

Could MSP clients be the next SMB targets? MSPs often have access to a wide range of sensitive data, such as customer financial information and intellectual property. We already know this makes them an attractive target for hackers, who can use this data to launch attacks against their clients. 

Reinforcing Cyber Threat and Hacking Preparedness

This FBI warning is a reminder to be more diligent than ever in the steps that MSPs take to protect themselves from cyberattacks, including:

  • Educating employees about cybersecurity and hacking dangers: Employees are often the first line of defense against cyberattacks, and human error is the number one cause of data loss. MSPs and their SMB clients must continually train their employees to identify phishing emails, avoid malware, and use strong passwords. Share this Cyber Threats Glossary with your clients to get the conversation started.
  • Standing firm in requiring strong security measures: MSPs with solid security measures in place must think carefully about whether to allow any clients to opt out. Today’s protections, including firewalls, intrusion detection systems, and data encryption, should be considered must-haves, not nice-to-haves. Also, be sure to regularly automate updates to your software and patch any security vulnerabilities. Take a critical look at your security playbook with the free Cybersecurity Readiness Bundle for MSPs.
  • Backing up, AND having an IR plan: In addition to backing up, MSPs must monitor their systems for suspicious activity, such as unauthorized access attempts or data breaches. Where some MSPs drop the ball is business continuity. An incident response (IR) plan assumes data loss will happen and provides step-by-step guidance for recovery and restoration of services to keep businesses moving. See how these strategies coincide for uninterrupted business continuity: Backups, Insurance, and IR: Why MSPs Need All 3.
  • Getting and staying cyber insured: Do you have cyber liability insurance? Are you sure your policy will pay out? Leveraging automation over manual requirements is key for meeting the stringent demands of cyber insurance policies – and streamlining business continuity and disaster recovery (BCDR) for profitability. Make sure you’re doing it right with How to Get Cybersecurity Insurance, a guide to becoming insurable for MSPs.
  • Staying aware of the latest hacking threats: MSPs must stay up to date on the latest cyber risks and vulnerabilities threatening SMBs. Subscribe to security alerts and newsletters, attend industry events, and regularly evaluate the strength of your BCDR solutions and vendors. You’re probably already doing this, but when was the last time you added a new source of information? CISA’s cybersecurity alerts are a great resource to learn more about the threats from Volt Typhoon actors and Living Off The Land (LOTL) techniques.

Axcient is committed to helping our MSP partners protect themselves and their clients from threats – our x360 Platform is built securely by design. If you want to learn more, reach out today for a demo to see for yourself how Axcient enables MSPs to protect themselves and their clients from cyberattacks.
