Home Breaking News, Business & Finance ConnectWise Releases 2023 MSP Threat Report with Insights into Top Ransomware Variants and Cybersecurity Predictions
ConnectWise Releases 2023 MSP Threat Report with Insights into Top Ransomware Variants and Cybersecurity Predictions
Breaking News, Business & Finance

ConnectWise Releases 2023 MSP Threat Report with Insights into Top Ransomware Variants and Cybersecurity Predictions

written by Scott Cullen  |  March 31, 2023

ConnectWise announced the findings of its annual MSP Threat Report. Now in its fourth year, the report provides an analysis of the major MSP-related security events and trends from the past 12 months, alongside predictions for the year ahead.

ConnectWise Cyber Research Unit (CRU) analyzed over 440,000 incidents that impacted MSPs and their clients and identified the top five ransomware variants used to target MSPs in 2022, some of the biggest vulnerabilities impacting MSPs, and used this data to make predictions about upcoming trends MSP should be aware of.

“The findings of this year’s Threat Report highlight the growing importance of cybersecurity for MSPs and their customers. As the threat landscape continues to evolve, MSPs must remain vigilant and take proactive steps to protect their networks and clients,” commented Patrick Beggs, chief information security officer, ConnectWise. “By adopting a zero-trust network architecture, leveraging threat intelligence research and investing in specialized cybersecurity training, MSPs can stay ahead of the curve and build more effective protection for their mission-critical infrastructure and services. ConnectWise is proud to have a foundation of transparency and an integrated cyber infrastructure that supports reports like this. We can ensure strong countermeasures are in place to protect our partners – letting them connect with confidence.”

The report includes visuals so MSPs can cross-reference common techniques used and determine which are most likely to impact their business and customers. A heat map of the MITRE ATT&CK techniques and sub-techniques observed during 2022 allows MSPs to be more confident in investing in cybersecurity efforts that will have the most impact in defending against attacks.

One of the significant findings in the report is the emergence of a new phishing technique used by bad actors targeting MSPs. It works by exploiting changes in the default behavior of Visual Basic Application (VBA) macros handled in Microsoft Office documents downloaded online. In 2022, this approach led to a rise in the use of LNK files to deliver payloads, which would then lead to ransomware deployments.

MSP Threat Report Predictions for 2023 and Beyond

Based on this detailed insight, the report also offers a series of cybersecurity predictions for MSP in 2023 and beyond:

  • MSPs will remain the target of supply chain and critical infrastructure attacks. As a result, many MSPs will look to an outside partner with the right expertise to start strengthening their cybersecurity posture.
  • Zero trust network architecture is critical for MSPs. The most vulnerable MSPs are those without zero-trust network architecture (ZTNA), which is why governments worldwide will continue to expand their programs to require ZTNA from their vendors.
  • Leveraging threat intelligence research and inter-organizational collaboration is essential for MSPs. Understanding current threats can help MSPs prioritize their time and efforts on what will have the most significant impact on their networks and those of their clients.
  • MSPs will continue to solve the IT talent gap with tech stack consolidation and leveraging outside services. About three-quarters of IT industry leaders predict difficulties when recruiting data scientists or filling other tech positions in the coming years.
  • Specialized cybersecurity training will increase across the industry, but ramp-up will take time. While diversified skillsets have worked thus far for MSPs, evolving threat landscapes is best addressed with cybersecurity specialists.

About ConnectWise

ConnectWise is the world’s leading software company dedicated to the success of IT solution providers (TSPs) through unmatched software, services, community, and marketplace of integrations. ConnectWise offers an innovative, integrated, and security-centric platform—Asio—which provides unmatched flexibility that fuels profitable, long-term growth for partners. ConnectWise enables TSPs to drive business efficiency with automation, IT documentation, and data management capabilities and increase revenue with remote monitoring, cybersecurity, and backup and disaster recovery technologies. For more information, visit connectwise.com.

To become a subscriber, visit www.thecannatareport.com/register or contact cjcannata@cannatareport.com directly. Bulk subscription rates are also available upon request and included in our media kit.
Facebook Twitter Pinterest

Related Articles

security website cyberthreat ConnectWise

ConnectWise Integrates Microsoft Defender for Business with its...

The Cannata Report's Manic Monday

The Cannata Report’s Manic Monday: Office Technology News...

cybersecurity

ConnectWise 2024 MSP Threat Report: Unveiling Key Findings...

336621