Cyber Threat Survival Guide
Is your company prepared for what’s next on the cybersecurity horizon? Download our survival guide for ransomware and other hacking methods to increase your readiness for the next wave of cyber threats.
March 02, 2020//JoelLast Updated: June 13, 2022
Nearly six months after the Texas mass ransomware attacks that took down operations at 22 small Texas cities, we still talk about it pretty regularly. That’s the type of impact a mass ransomware attack can have. As a refresh, the attackers coordinated the timing of the malware launch to hit all the victims at once, thereby swamping the available digital first responders.
It was previously reported that the attack originated in a Managed Service Provider (MSP) that the victim cities all had in common: RSM Consulting out of Rockwall, Texas. Based on reporting done by CRN, the MSP was using the ConnectWise Control tool to support their clients and apparently the hackers were able to coopt the tool to exploit their clients.
So, due to all these factors, there’s no silver bullet that will quell this ransomware epidemic overnight. State and local governments are going to have to take a good, hard look at established practices such as using MSPs and their own internal policies and procedures.
MSPs are going to have to batten down the hatches and properly protect their customers’ systems and networks. And software providers can no longer get away with saying “we told you so” when their software is implicated in a massive cyberattack like these.
An underlying issue with anyone, and especially government entities, using external vendors is that it opens up your network and systems to unwanted issues—like data breaches, lost data, and ransomware attacks.
The best way to combat these well-known cyber threats is to implement a program built for managing vendors’ remote access. Advanced technologies, such as vendor privileged access management (VPAM), will fully secure vendor accounts and their use in order to avoid making headlines for a data breach or ransomware attack.