Indirect damage: Why service providers should care about customer security

This year witnessed the further spread of the disease we call ransomware. After seeing the profitability of this “revenue stream” in the consumer segment, cybercriminals are moving ever deeper into the business segment, looking for the most vulnerable victims.

Several cases of data encryption followed by extortion have been documented in a new sector, where vital services such as healthcare have been targeted in recent months. The infamous case of Hollywood Presbyterian hospital demonstrates how suffering a ransomware attack can cause direct financial losses – in this case $17,000 in BitCoins – as well as reputational damages.

After seeing the attack scenario repeat itself multiple times throughout 2016, it’s fair to assume that healthcare is only an initial interest of cybercriminals, and other business sectors will likely follow. According to FBI estimates, ransomware is on track to become a $1 billion a year criminal enterprise by the end of 2016.

However, ransomware is not the only cyberthreat businesses have to face today. Just recently, ESET reported on Retefe malware which targeted customers of various banks mostly in Switzerland, Austria, and the UK. By redirecting clients of these banks to fake or modified banking webpages, it attempted to harvest login credentials and misuse this information for malicious purposes.

Despite the fact that MSPs might not be first-line targets in such cases, they can take the hit indirectly as the providers and operators of IT services for banking or health care clients. All the potential losses and the burden of extensive IT support generated by a malware attack is theirs, and thus, their responsibility to solve.

Offering reliable security solutions from a respected security vendor can be the difference that helps MSPs and ISPs build their brand as responsible partners able to handle cyber security threats and reinforce a perception of expertise, as well as provide high quality services in the field.

To find out more on the cyberthreats that businesses faced in 2016 and what ESET can offer to counter them, visit our booth B05 in Hall 5 at Mobile World Congress in Barcelona. ESET Chief Research Officer Juraj Malcho will be holding presentations on the aforementioned topics as well as other interesting issues throughout the event.

The Mobile World Congress runs from February 27th until March 2nd 2017.

Author , ESET

  • Tom

    What happens in the case the MSP or even the MSSP recommends the reliable security solutions to the customer for a spectrum of security issues and they REFUSE them? We see time and time again the refusal by HIPAA covered entities to acknowledge HIPAA in general and cyber security specifically. It seems with diminishing payments from insurance for services they are penny wise and pound foolish setting themselves up for loss of service, data breaches, and fines from OCR or FTC.

    We all agree they need to be cyber smart, and find far too many don’t care. Scary since even the govt cant prevent breaches with basic reliable security solutions.

Follow us

Copyright © 2018 ESET, All Rights Reserved.