MSPs Under Pressure: Navigating AI Impersonation, Phishing Exploits, and Ransomware Fallout

Managed service providers (MSPs) are currently facing unprecedented pressure from clients regarding cybersecurity, with a significant increase in expectations for MSPs to manage their cybersecurity infrastructure. A recent survey revealed that 84% of MSPs report their clients now expect them to handle cybersecurity end-to-end, a notable rise from 65% the previous year. This shift comes as MSPs themselves are under increased scrutiny, with 77% reporting heightened oversight of their security practices. The growing concern over emerging threats, particularly those related to artificial intelligence, has further complicated the landscape, as MSPs find themselves caught between rising client demands and a lack of accountability from cybersecurity vendors.

In a related development, a fraudulent impersonator has been using artificial intelligence to mimic the voice and writing style of U.S. Secretary of State Marco Rubio, successfully contacting several high-level officials to manipulate them for sensitive information. This incident highlights the vulnerabilities in secure communication channels and the ease with which attackers can exploit lax data security among government officials. The FBI has issued warnings about ongoing malicious messaging campaigns that utilize AI-generated voice messaging, emphasizing the need for enhanced verification protocols in executive communications.

Additionally, attackers have been exploiting Microsoft 365's direct send feature to launch phishing attacks, impacting over 70 organizations. This method allows attackers to send emails that appear to come from legitimate internal addresses, bypassing traditional security measures. Research indicates that conventional phishing awareness training is largely ineffective, with many employees failing to recognize phishing attempts even after training. The study suggests a shift towards interactive training methods, which have proven more effective in reducing the likelihood of falling victim to such scams.

Ingram Micro has begun restoring customer ordering capabilities following a ransomware attack that temporarily disabled its systems, but the company's lack of communication during the crisis has raised concerns among partners. The incident serves as a case study in breach communication, highlighting the importance of transparency and effective communication in maintaining trust. Meanwhile, Kaseya has expanded its community investment with the Technology Marketing Toolkit, aimed at enhancing resources for MSPs. However, questions remain about the potential cultural clash and the impact on the independence of the Toolkit's offerings within Kaseya's larger ecosystem.

Four things to know today

00:00 MSPs Face Rising Cybersecurity Pressure as Clients Demand Full Protection and Vendors Sidestep Shared Risk

04:25 AI Deepfake Impersonates Secretary of State in Sophisticated Attack, Exposing Risks for Executive Security

09:17 Ingram Micro Begins System Restoration After Ransomware Attack, But Silence Frustrates

12:07 Robin Robins Sells Technology Marketing Toolkit; Joins Kaseya as Strategic Advisor

This is the Business of Tech.   

Supported by:  

https://getnerdio.com/nerdio-manager-for-msp/

All our Sponsors: