ConnectWise, a software company dedicated to the success of technology solution providers (TSPs), announced the findings of its annual MSP Threat Report. This report, which is in its fifth year, analyzes key security incidents and trends from the past 12 months, and equips TSPs with expert guidance for the year ahead. To protect SMB operations, it is essential to inform TSPs about the evolving threat landscape so they can stay well-informed and practice proactive cyber defense strategies.
ConnectWise’s cyber research unit (CRU) analyzed half a million cybersecurity incidents that affected IT solution providers and their clients. This analysis is focused on identifying most-targeted vulnerabilities, such as the implications of Windows Server 2012 end-of-life, and offering comparative analysis of tactics employed by threat actors between 2022 and 2023.
“This year’s threat report serves as a stark reminder of the daunting challenges that the industry faces in developing and implementing effective cybersecurity strategies in an ever-changing and growing threat landscape,” said Raffael Marty, EVP and GM, cybersecurity, ConnectWise. “Our report is specifically tailored to empower SMBs in navigating the escalating complexity and noise surrounding cybersecurity, enabling them to prioritize the best practices necessary to safeguard their IT environments. The 2024 MSP Threat Report findings reveal the heightened risks stemming from outdated software, vulnerabilities associated with remote work environments, and the alarming surge in the frequency and impact of ransomware attacks. These mission-critical challenges demand immediate attention from TSPs as they gear up for the upcoming year.”
“At ConnectWise,” he continued, “we take immense pride in leveraging the invaluable insights derived from our integrated cyber infrastructure to equip our partners with actionable intelligence, empowering them to serve SMBs with unwavering confidence.”
One of the most significant trends identified in the report was the continually surging incidents of drive-by attacks. A standard cybersecurity defense posture operates under the assumption that an attacker will proactively reach its target and engage with them within a given threat surface. However, the 2024 report uncovered that during 2023 there was an increase in malicious activity using a different delivery approach in which threat actors place themselves so that victims proactively come to them, known as a drive-by compromise.
- The MSP Threat Report highlighted:
- Securing SMBs as a paramount focus for TSPs.
- A focus on defense evasion tactics employed by threat actors.
- Increasing threat actor reliance on defense evasion tecniques such as obfuscated files and living-off-the-land binaries.
- A 94 percent increase in ransomware sightings in 2023 compared to the previous year.
To download the report, please click here. To learn more about ConnectWise, please visit connectwise.com.
