The US Secret Service issued a security alert about ransomware attacks.
The US Secret Service issued a warning about an increase in hacks targeting managed service providers, or MSPs, of both the US private sector and various government entities.
According to a document published by ZDNet on June 7, threat actors have been widely relying on ransomware attacks, point-of-sale intrusions, and business email compromise scams to breach the internal networks of MSP customers.
Remote management software under threat
MSPs are service providers related to remote management software for enterprises, including file-sharing systems for internal networks, which could also be hosted inside a cloud infrastructure.
US Secret Service officials issued a warning, stating in part that:
“Due to the fact a single MSP can service a large number of customers, cybercriminals are specifically targeting these MSPs to conduct their attacks at scale to infect multiple companies through the same vector.”
Ransomware gangs target MSPs
In 2019, ransomware groups like GandCrab and REvil became known for targeting MSPs to deploy their attacks.