September 19, 2019//Tony HowlettLast Updated: October 02, 2019
New developments were revealed in the mass ransomware attack that took down operations at 22 small Texas cities. The attackers coordinated the timing of the malware launch to hit all of the victims at once, thereby swamping the available digital first responders. It was previously reported that the attack originated in a Managed Service Provider (MSP) that the victim cities all had in common: RSM Consulting out of Rockwall, Texas. Based on new reporting done by CRN, the MSP was using the ConnectWise Control tool to support their clients and apparently the hackers were able to coopt the tool to exploit their clients.
So, due to all these factors, there’s no silver bullet that will quell this ransomware epidemic overnight. Small governments are going to have to take a good, hard look at established practices such as using MSPs and their own internal policies and procedures. MSPs are going to have to batten down the hatches and properly protect their customers’ systems and networks. And software providers can no longer get away with saying “we told you so” when their software is implicated in a massive attack like these.
An underlying issue with anyone using external vendors is that it opens up your network and systems to unwanted issues—like data breaches, lost data, and ransomware attacks. The best way to combat these well-known threats is to implement a program built for managing vendors’ access. Advanced technologies, such as vendor privileged access management (VPAM), will fully secure vendor accounts and their use.
To learn more about how your vendor access management tools are putting your company at risk, check out our helpful brochure that highlights the importance of having a separate software platform specifically to manage vendors’ privileged access to systems, networks, and applications.