With advanced email phishing attacks on the rise, more enterprises are turning to channel partners for help. Customers are also increasingly viewing their managed service provider’s (MSP) in the context of the security they can provide, and a recent report by VansonBourne found that 90% of small businesses would go to another MSP if they thought it had stronger security.

As we recently noted, email security has evolved significantly over the past decade, and we offered our perspective on how it will look in 2020. While the threats evolve, many organizations remain too narrowly focused on solving small pieces of a large problem without addressing the bigger issue that email is the primary vector for most cyberattacks. According to the 2019 Data Breach Investigations Report, more than 90% of all attacks now start with an email.

Many of the trends we anticipate for enterprise will also hold true for channel partners and their customers. Advanced email phishing attack techniques like spear-phishing, account takeover, business email compromise (BEC) and ransomware are making threat prevention and detection more difficult. Our research also shows that adversaries are also increasing their use of polymorphic attacks to evade filters by making minor changes to email artifacts, content, and subject lines.

The email phishing threats to MSPs are on the rise

According to Markets & Markets, there are now roughly 20,000 successful MSPs in the North America alone. The irony is that the explosive growth of the MSP market is also elevating the attack profile of providers. Going after MSPs makes sense from the criminals’ point of view as it’s more efficient to target an MSP that has access to tens of companies’ data than to target individual companies.

An article at ProPublica noted that many criminals are targeting MSPs that handle computer systems for local governments and medical clinics. A common strategy is to go after consulting companies that handle things like software updates, firewalls, and data backups. Thousands of organizations have fallen victim through attacks on their MSPs, and ProPublica noted one incident where 4,2000 computers were infected with ransomware through one single incident with an MSP.

And while customers are under indirect attack through their MSPs, they’re also being directly attacked to get into their MSPs. Many cybercriminals are also cherry-picking targets and refining their efforts by going after MSPs that service specific verticals.

Protecting your business and customers from email phishing attacks

Modern email security essentials are important for the channel but for different reasons than the enterprise. The channel isn’t just protecting itself; it’s also protecting its customers and needs the ability to quickly prevent, detect and respond, as an attack on one customer could instantly happen to hundreds of others.

As attackers are only increasing their efforts, the channel must see the big picture and consider there are many steps they can take to ensure they’re offering their customers the best possible protection. In today’s email threat landscape, there is great power in sharing information to serve customers quickly and efficiently. That means reducing siloes and ensuring MSPs have the information they need to react and prevent the attack from spreading.

One of the best ways to do this is to share information within an actionable platform that supports automation and empowers them to proactively prepare for trending attacks.

Other necessary elements in this new environment include:

  • Automated Incident Response – The ability to efficiently manage real-time attacks without overburdening SOC teams.
  • Interoperability – Email security tools must be compatible and able to work with the other solutions employed at the organization.
  • Mailbox level Threat Detection – The ability to work in conjunction with advanced detections to identify sender impersonations, spoofing and business email compromise (BEC) that bypass traditional gateway security tools.
  • Transparent Communications – MSPs and customers should also have a written, agreed-upon outline that identifies what each party is responsible for. This can legally protect both parties in the event of an incident. MSPs should also make it a requirement for customers to adhere to the same cybersecurity protocols as them to ensure there’s no “weakest link” in the security chain.

Mitigating the risks in this complex environment calls for a greater emphasis on email security that automatically solves all of the pieces of the puzzle, while reducing the burden to both MSP and customer security teams. To learn more about our work with channel partners, read our Q&A with Champions Solution Group or head on over to our partner page.

Learn more about our partnership program

Watch this video: https://ironscales.com/resources/videos/

Eyal Benishti
Post by Eyal Benishti
October 8, 2019