Phishing attacks nibble at MSP service chain

Next story
Rene Holt

According to a survey* by ESET, managed service providers (MSPs) are pointing to spam, phishing emails and ransomware as some of the greatest IT security challenges they face. This information corroborates well with another 2019 statistic that singled out spam and phishing emails as responsible for 67% of ransomware attacks on MSPs.

Phishing emails often contain either an attachment with malware-laced macros or a link leading to a malicious domain. Employees who open and “Enable content” for these attachments or who click on such links are at serious risk of having their devices compromised by further malicious payloads. Perhaps one of the most alarming situations is when a ransom note appears on the screen after ransomware has encrypted the files of your machine.

As the number of ransomware outbreaks grow each year, the danger of an attack is too great for businesses to ignore. One report saw an increase of 37% in ransomware attacks targeting MSPs in Q3 compared to Q2 in 2019. Looking only at the publicly reported ransomware attacks hitting headlines worldwide in 2019, ZDNet reported on a growing list of 13 confirmed attacks on MSPs. Since then, multiple MSPs have continued to take a beating, including companies like Virtual Care Provider and CyrusOne. Clearly, MSPs must learn to master cybersecurity.

Fortifying defenses at entry points

According to research from Virus Bulletin, infamous malware like Emotet, which is known to deliver ransomware payloads, has been seen bypassing many email security products on the market. Fortunately, for business users of ESET Mail Security for Microsoft Exchange Server, VBSpam testing shows that ESET has the highest spam catch rate with the lowest false positive rate among competitors:

In addition to the catch rate for spam emails, careful attention should also be paid to the catch rates for “malware” and “phishing” emails.

Note, by a “malware” email, Virus Bulletin means one with a malicious attachment, and by a “phishing” email one with a malicious link, which would also include an email with a PDF attachment that contains a phishing link.

ESET Mail Security scored with the highest phishing catch rate and the highest malware catch rate. These are especially important metrics and necessary for businesses to assess their protection in the face of ongoing campaigns by dangerous malware.

Homoglyphs are deceiving employees

One way that phishing emails have found success in deceiving employees is that threat actors are able to swap out legitimate letters with the same-looking letters from another alphabet – a technique known as a homoglyph attack. So, what may look like to human eyes actually becomes for a computer – simply by swapping out the Latin letter “p” in the word “epic” for the Cyrillic letter “er”.

Part of the success, therefore, of ESET’s anti-phishing technology comes from protecting against homoglyph attacks. ESET’s products scan URLs for possible misuses of similar-looking characters as well as subjecting a number of pre-defined, high-value URLs for even deeper inspection.

In concert with ESET Mail Security, File Security and Endpoint Security products, businesses also have access to a powerful cloud-sandbox that submits emails and files to three layers of machine learning analysis in ESET Dynamic Threat Defense (EDTD). EDTD adds a layer of protection at the network level against zero-day exploits and advanced threats by detecting and blocking them at entry points into your corporate network without your business endpoints needing to deal with them first.

The need to protect with cutting-edge anti-malware technology is greater than ever

Since 2018, the global number of MSP partners leveraging ESET’s solutions to protect their customers has jumped from roughly 4000 to over 6000 in 2019. The marked growth over the last year reflects the continued commitment by ESET to empower partners with new and ever more robust solutions that are light on system resources and easier to manage.

For example, in response to feedback from partners, ESET continued to develop a second version of the ESET Managed Service Provider Administrator (EMA2), which greater facilitates the management of billing, licensing and customers. A key part of the dialogue between MSPs and ESET was to provide additional functionality and automation that would support the daily tasks of IT administrators.

Therefore, MSP administrators are able to manage multiple customers/users from one dashboard with the ability to define specific read and write access. As part of the automation upgrade, IT administrators who manage the security of business endpoints remotely via the ESET Security Management Center (ESMC) dashboard now have licenses automatically synced from EMA2.

ESMC itself received further upgrades to help businesses comply better with GDPR and other data protection regulations. For example, it is now possible to deploy “one-click” full disk encryption to all endpoints from ESMC. In addition, businesses can also take advantage of two-factor authentication via ESET Secure Authentication to protect login access to EMA2 – a double win for compliance.

For those MSPs who require integration with popular remote monitoring and management (RMM) tools like Datto, SolarWinds and ConnectWise, ESET provides direct endpoint management (DEM) plugins that allow IT admins to easily deploy and manage ESET security products. The year 2019 saw the addition of a new plugin to the portfolio for the well-known NinjaRMM.

Interested in a partnership? Check out our MSP page for more information about how you can protect your business with ESET’s award-winning technologies.

* ESET polled 488 MSP partners in 14 countries during July 2019 via an online questionnaire. 65.8% of respondents identified spam and phishing emails as the biggest IT security challenges they encountered while 61.1% identified ransomware.