MSP360 For MSPs
Delivering fresh business and technology insights for MSPs

Why Cybercriminals Are Targeting MSPs?

Cybercriminals are now attacking managed services providers typically hired to protect business assets from cybersecurity attacks. For one reason or another, many IT shops aren’t properly securing their own systems — and this oversight is not only damaging reputations but costing them money. 

Despite efforts by IT security professionals to mitigate threats, more than 33 billion records are expected to be stolen by cybercriminals in 2023 alone, according to a report by Juniper Research. 

Even though they’re considered to be experts, MSPs and MSSPs will be the victims of some of these attacks. 

To prevent this from happening to you, there are a few concepts to consider.

Why Cybercriminals Target MSPs?

Even though selling cybersecurity services has become a lot easier for MSPs, especially as the number of cybersecurity incidents continues to steadily increase, there’s still a rising concern around cybercriminals gaining access to numerous customer networks through MSPs (ironically, the companies hired to protect businesses from being exploited).

This worry isn’t anything new. Federal agencies have been issuing warnings about the rising number of nefarious attacks targeting MSP customers since April 2017, when the Cybersecurity and Infrastructure Security Agency (CISA) issued its first alert on the matter. Since then, the problem has grown and continued to negatively impact channel partners by putting their reputations at risk. (Think about it like this: Would you outsource IT to a cybersecurity professional if the likelihood of being targeted by cybercriminals is high?) 

More recently, cybercriminals have been using ransomware attacks — more than 4,000 have taken place daily (which amounts to about 1.5 million per year) — to target MSPs; instead of going after businesses separately, they’re banking on locating several data sources to hold for ransom. Unfortunately, this approach, a logical shift, has been paying off.

For example, an MSP in June 2019 paid a hacker more than $150,000 to recover data after a ransomware attack.  

To ensure this doesn’t happen to you, assess your business the same way you would a customer’s.

Proceed as if You Were Securing a Client’s Infrastructure

It happens: Sometimes, you get so bogged down with protecting your customers you forget about your own needs. In your case, though, securing your own infrastructure shields your customers from potential harm — and ensures you won’t be paying a six-figure sum for customer data anytime soon.

When reviewing what a customer needs, you review a checklist, don’t you? There's absolutely no reason why you shouldn’t go through the same process when evaluating your own infrastructure, even if you believe you need to because “you’re the expert” (accepting potential risk). 

Further reading Want to Start Your Own MSSP? Here's a Checklist

Begin by assessing your goals and objectives. While it may be difficult to do, try your best to evaluate your business objectively. How has your company evolved? If you’ve picked up new clients in industries unfamiliar to you, do you need additional protections for their data sources? Reviewing your company’s objectives is the first step to securing your infrastructure.

Next, map your infrastructure for pain points, just like you would with a client. Where are the greatest challenges in your network? Can you overcome any of them?

Further reading OS Hardening vs. Data Protection: Why You Need Both Cybersecurity Features

One of the best ways to identify your pain points is by testing your systems regularly, but you’re already doing that, right?

Test Your Systems for Vulnerabilities Regularly if You’re Not Already Doing It

If you're not regularly testing your systems for vulnerabilities, why aren’t you? As an MSP, you should be leading by example instead of following a “do as I say and not as I do” approach. 

The purpose of security testing is to discover flaws within your network. When you skip this vital step — as you well know — you leave your firewalls, web servers, routers, switches and systems vulnerable to attacks by outside threat actors dedicated to exploiting you and your clients. To prevent unwanted intrusions, take the proper precautions by deploying the appropriate testing strategies. 

Further reading Penetration Testing as an Offer: Why Should MSPs Conduct Security Testing?

For example, use penetration testing tools not only on client systems but your own to ensure your networks are protected from the very threats your customers hired you to thwart. 

Don’t forget to also review your SIEM software, antivirus solution, endpoint security tools, BDR solution, and password management tools.


Attacks on MSPs aren’t slowing down anytime soon. Protect your networks by treating them as if they were your clients’. Recognize the threats are out there and properly secure and test your systems to ensure not only you but your clients are protected from the growing number of cybersecurity threats.

MSP’s Assets to Stay Safe from Phishing
  • Phishing response checklist
  • Phishing awareness training slides
  • Anti-phishing posters
New call-to-action
Anti-phishing assets