Utilizing news resources as a cybersecurity tool
One of the best cybersecurity tools isn’t fancy software or a skilled engineer (both of which are important and have their place). Instead, it is something that doesn’t even cost a cent: news and information.
“I work with a lot of managed service providers (MSPs), and the ones that are the most successful aren’t in a bunker. They are staying on top of international, national, and local cybersecurity events,” says Dan Parsons, an independent cybersecurity consultant in Philadelphia.
“The reality is that, by knowing what is going on everywhere, you can get a holistic picture of the state of cybersecurity,” he explains. The reason having that knowledge is important is that it better positions an MSP to prevent a problem before it occurs instead of cleaning it up after the fact.
“It’s so simple to get caught up in the day-to-day routine that it’s easy to miss what is going on around us. If you do that, you miss the big picture, and in cybersecurity, the big picture is as important as the small picture,” Parsons adds. “Everything is interconnected.”
He advises that MSPs find a source of cybersecurity news they trust and stay on top of it every day. “There are RSS feeds you can sign up for, keyword alerts, CISA bulletins, make following cybersecurity news part of your daily workflow,” Parsons says.
Recent cybersecurity headlines
Here are some of the biggest cybersecurity stories of the past couple of weeks and why Parsons believes they are important:
Boeing compromised: The aerospace giant confirmed that their systems were breached by hackers this past week and began alerting customers that its parts and distribution systems have been impacted by an attack. Published reports say the LockBit ransomware gang claimed that they breached the company’s network and stole data. “This is important to know. It just shows how even a giant like Boeing, with probably some of the most impenetrable cybersecurity, isn’t infallible,” Parsons states.
Ace is the place: Ace may be the place for the helpful hardware folk, but it was also the place for a cyberattack at the end of October. According to published reports in a note recently sent to Ace retailers, Ace corporate office said: “On Sunday morning, we detected a cybersecurity incident that is impacting the majority of our IT systems. As a result of this incident, many of our key operating systems, including ACENET, our Warehouse Management Systems, the Ace Retailer Mobile Assistant (ARMA), Hot Sheets, Invoices, Ace Rewards, and the Care Center’s phone system, have been interrupted or suspended.”
Parsons asserts that it’s not knowing about one incident that is so important, but following the news and knowing what is going on allows MSPs and other cybersecurity specialists to “connect the dots.”
Clark County School District: Schools are a goldmine for hackers seeking saleable data, and Nevada’s largest school system was too irresistible a target. Financial records, protected health information, and social security numbers are just a few of the items that hackers consider to be tempting treats in a school’s database.
“Clark County School District (CCSD) confirmed it suffered a cyberattack last month. Threat actors gained access to the district’s email servers. “On approximately October 5, 2023, CCSD became aware of a cybersecurity incident impacting its email environment,” said a statement from the CCSD.
The hackers later contacted a news station in Las Vegas to show them some of the sensitive student data they had collected. Parsons explains such an attack illustrates the premium MSPs should place on the security of educational clients. “Schools have all the data hackers could want. The attack in Clark County forced students back into the ‘primitive days’ of doing assignments with paper and pen as computers were largely sidelined.”
Iowa attack: Not the state, but the tiny town of Iowa, Louisiana, revealed its municipal system was breached and confidential data stolen. According to reports: Cybersecurity group DEFCON225 reported the hack to KPLC, stating it was a ransomware attack committed by a group known as BlackCat/ALPHV.
Documents provided to KPLC by DEFCON225 show some of the documents stolen as benign as easily available council meeting agendas. Others included employee Social Security numbers. “There is no town too small for hackers,” expresses Parsons. He adds that municipalities often have the resources, such as insurance policies or rainy-day funds, to pay for ransomware attacks.
Staying current is crucial to remaining competitive
On top of gaining insightful knowledge into attackers’ behaviors, other cybersecurity benefits to staying on top of the news, according to Parsons, include:
- Security threats are continuously evolving. MSPs need to be aware of the latest security threats and vulnerabilities to protect their clients.
- New technologies and trends are emerging constantly. MSPs need to stay up to date on the latest technologies and trends to provide their clients with the best possible service.
- The business landscape is forever changing. MSPs need to be aware of the latest trends in their industry to remain competitive.
In addition to delivering resources and content to help MSPs grow their managed services business, SmarterMSP.com also offers Cybersecurity Threat Advisories. Subscribe today to stay ahead of vulnerabilities and threats seen in the wild.
Photo: metamorworks / Shutterstock