Over the Edge By Martin Vilaboy As network capabilities move to the edge, so have threat actors There are at least two notable findings that should concern MSPs within ConnectWise’s most recent MSP Threat Report, which draws from millions of endpoint detection and response (EDR) and security information and event management (SIEM) alerts across thousands of MSPs and their clients to gauge trends within cybersecurity. For starters, “MSPs are increasingly in the crosshairs of attackers targeting the IT ecosystem,” warned the report. Instead of risking the government and media attention that tends to come with attacking larger entities, threat actors are shifting interest to several smaller payloads and are using MSPs – which may have fewer cybersecurity resources – as gateways to attack all their small and midsized (SMB) customers, said the ConnectWise research team. “Additionally, they are shifting tactics more quickly to try and find vulnerabilities faster than MSPs can fix them.” Secondly, threat actors increasingly are focusing their attention on the network edge, the report continued, underscoring the expanding attack surface that MSP must defend. While phishing continues to be the prevalent attack vector, “vulnerabilities in edge devices provide an alternative and often highly effective method for compromising company networks,” said the ConnectWise research unit. While edge devices such as firewalls, VPNs, RDP gateways, cloud edge solutions and IoT devices often are the first line of defense against cyberthreats, bad guys “are consistently exploiting flaws in these devices to gain initial access to networks,” often leveraging them as entry points for ransomware campaigns and other post-compromise activities, said the report. Indeed, ConnectWise noted a “sharp increase” since January 2024, in attempted attacks on edge devices, including more than 84,000 recorded alerts targeting specific vulnerabilities in major brands such as Cisco, SonicWall, Palo Alto, Citrix, Check Point and Ivanti. Of course, as remote work becomes the norm, hybrid cloud environments proliferate and organizations expand their digital footprints, the importance of securing edge systems cannot be overstated, as their security directly impacts the integrity of the entire network. Perhaps that partly explains the increasing popularity of secure access service edge CYBER PATROL 26 CHANNELVISION | MARCH - APRIL 2025
RkJQdWJsaXNoZXIy NTg4Njc=