Managed Service Providers (MSPs) seem to be a huge target for ransomware lately. MSPs in both government and the private sector have been under attack, causing the U.S. Secret Service to issue a special warning about this phenomenon.

It is widely known that service providers are a great cyber target – one single MSP can give cyber attackers access to infecting multiple companies and victims, all through the same attack vector, which is usually the MSP’s server component. Even so, attacks on MSPs started peaking late, around 2016, and have continued to soar since then. Ransomware attacks on MSPs are a relatively new thing, with ransomware groups such as GandCrab and Sodinokibi shifting to target MSPs in 2019.

Last month, the Secret Service claimed that GIOC, their Global Investigations Operations Center, has seen an increase in MSP hacks as a gateway to infecting the providers’ many clients. Among these MSP hacks, the most prominent were ransomware attacks, business email compromise, and attacks against point-of-sale (POS) devices.


How to Take Action Against These Ransomware Attacks

To protect yourself from these types of attacks, and more, make sure to utilize the Ransomware IP and Domain protection bundles in your ThreatSTOP policy, which are continually updated with the latest ransomware protections.


If you’re a Managed Service Provider and interested in learning more about how ThreatSTOP protects you against this surge of ransomware attacks, among other ransomware variants, check us out below. Learn more about how ThreatSTOP reliably and quickly protects your network from cyber threats. Start a 14 day trial below.

Start Your Trial