Security News
Kyle Alspach
October 19, 2023, 03:59 PM EDT
Solution providers such as CDW and vendors with a large partner base such as Barracuda and Cisco have been targeted by cybercriminals this year.
Hackers Strike The IT Industry
Even for the IT industry companies dedicated to helping protect customers from hackers, cyberthreats such as ransomware and data breaches are a major issue. True, cyberattacks have struck an array of solution and service providers — as well as channel-focused cybersecurity vendors — in recent years. But 2023 has seen a spate of data breaches that have impacted the IT channel, particularly in connection with the string of MOVEit attacks from earlier this year. Those attacks exploited a vulnerability in Progress’ MOVEit file transfer software, and Russian-speaking hacker group Clop has targeted a number of IT industry companies, including IBM, Cognizant and Deloitte, with data extortion attempts this year. Those IT solution and service providers are among the more than 2,000 organizations that are believed to have been compromised in the MOVEit attacks.
Meanwhile, other major cyberattacks that have affected top IT channel players have included the recent LockBit attack against CDW and the ransomware attack that took down ScanSource’s website for weeks earlier this year. And vendors with large partner bases such as Barracuda and Cisco have also been impacted, with major attacks launched exploiting vulnerabilities in some of their most widely used products.
[Related: LockBit’s $80M Ransom Demand To CDW Is Third Largest Ever: Expert]
The attacks by malicious hackers serve as another reminder that even the businesses that make their living from technology products and services — including in cybersecurity — are in no way immune to the massive threat posed by cybercriminals. Prior incidents have included the malware attack that struck SHI in July 2022 and the LockBit ransomware attack against Accenture in mid-2021. Looking even further back, major solution providers that were struck by ransomware incidents during 2020 included Cognizant, Conduent, DXC Technology and Tyler Technologies.
And while attacks against MSPs tend to be more under-the-radar, given the fact that many MSPs are on the smaller end of the spectrum, these frequent attacks are another example of channel companies facing impacts from hacker activity. MSPs continue to be a massive target for hackers seeking to compromise their systems — such as remote monitoring and management (RMM) — in order to acquire access to their end customers. Earlier this year, the Cybersecurity and Infrastructure Security Agency warned that the malicious use of RMM tools continued to pose a major threat, including to MSPs — pointing to a “widespread” cyberattack campaign from last fall that leveraged the RMM platforms ScreenConnect (now known as ConnectWise Control) and AnyDesk. More recently, in August, CrowdStrike threat hunters reported a 312-percent jump in abuse of RMM platforms by attackers, year-over-year.
Solution and service providers have also been grappling with indirect impacts from cyberattacks in 2023, with key products from Barracuda, Cisco and other channel-focused vendors falling victim to exploits by threat actors. The attacks against Cisco IOS XE customers, first disclosed on Monday, have already impacted tens of thousands of customers and Cisco partners, according to security researchers.
As cyberattacks continue to impact the IT industry, what follows are the key details on 12 companies targeted in 2023.
Kyle Alspach
——————————————————–
