Category Archives for "Managed Services News"

Mar 16

Minimizing Business Downtime with a Complete Restore Toolkit

By | Managed Services News

When disaster strikes and operations go down, businesses panic. That anxiety is warranted. According to Datto’s 2019 State of the Channel Ransomware Report, 85% of managed service providers (MSPs) reported ransomware attacks against small-and-medium-sized businesses (SMBs) in the last two years. In fact, nearly half of those attacks led to business-threatening downtime. In this eBook, we’re highlighting the tools MSPs need to address disasters and avoid downtime.

In this eBook, you will learn:

  • How Instant Virtualization simplifies and accelerates the recovery process
  • Why Datto’s Fast Failback technology makes Bare Metal Restores painless
  • Tips for recovering one or many files at a time
  • And more!


Mar 15

Accurics Unveils First Partner Program for Developer-First Cloud Security

By | Managed Services News

Accurics plans to expand the program to more than 30 partners this year.

Accurics, the infrastructure-as-code platform provider, has launched its first channel program with 12 inaugural partners.

The program is for partners who share a developer-first approach to cloud security in tune with infrastructure as code. Accurics plans to expand the program to more than 30 partners this year.

Accurics tackles cloud security early on with infrastructure as code. Its platform self-heals cloud-native infrastructure by codifying security throughout the development life cycle. It detects and resolves risks across infrastructure as code before provisioning infrastructure.

Alex Ausmanas is Accurics’ vice president of sales and partnerships.

Accurics’ Alex Ausmanas

“We’re seeing tremendous interest from the partner community stemming from conversations they’ve had with customers, coupled with the continued focus on shifting security left in the cloud life cycle,” he said. “We have also seen an uptick in requests for service offerings being developed around the insights our platform delivers.”

Partner Feedback Incorporated

Accurics consulted with several inaugural partners regarding the program’s structure, Ausmanas said. The company wanted to understand how they go to market and what value they look to get from a partner program.

“The channel is at its most valuable when it’s dynamic — finding, testing and deploying existing and new solutions that partners’ customers need, but don’t have the bandwidth to find and implement on their own,” he said. “In the cloud, where we see a steady stream of cloud-native technologies delivering big benefits, but also a high level of risk, that need is greater than ever because cloud-native technologies are severely unprotected. And we’ve seen the evidence of that. Over 30 million records have been exposed through more than 200 cloud breaches in just the past few years.”

This keeps happening, in part, because development velocity far outpaces security velocity, Ausmanas said.

“At the same time, the shift to infrastructure as code has created an opportunity for security to be embedded earlier into the development life cycle,” he said. “Other players detect risks in the infrastructure as code by enforcing policy guardrails during development. But detecting issues without providing a way for them to be resolved only shifts the noise from runtime to development. Other options detect risks in runtime only after cloud infrastructure has already been provisioned. But security teams lack context and have to manually address issues with the development team. As a result, many cloud misconfigurations are never addressed.”

Comprehensive Visibility Missing

What’s missing is comprehensive visibility into cloud-native risks during both development and runtime, Ausmanas said.

“This is what we’re pioneering at Accurics and bringing to the channel,” he said. “Our technology supports both developer and security workflows, in development and in runtime. And we’re the only company tying those two together in the cloud.”

The Accurics platform offers policy as code, security as code, drift as code and remediation as code.

Vineeth Rajagopal is CTO and chief revenue officer at DigitalOnUs, one of the program’s inaugural partners.

“Our philosophy at DigitalOnUs builds on cloud-first agile application development process, from concept to market, and overcoming challenges that emerge in that process,” he said. “The Accurics solution and channel program offer major benefits to our clients that are adopting cloud-native infrastructure. We look forward to working with this dynamic entrant.”

Mar 15

Accelerating Digital Skills Training for a Changing Workplace

By | Managed Services News

Emerging tech is driving the need for upskilling and reskilling.

CloudShare’s Amir Hofman

According to research from IBM, about 120 million workers from across the globe will need retraining within the next two years due to the impact of artificial intelligence and automation. Drilling down, a report from (ISC)² estimates that the worldwide skilled cybersecurity workforce, which fell short in 2020, needs to grow by 89% to be adequate. And while a study by professional services company Capita found 70% of respondents felt internet of things (IoT) was relevant to their companies, three-quarters reported they weren’t able to capitalize because their workforce didn’t have the right skills.

As technology evolves, some jobs become redundant and are lost. On the other hand, new needs arise and roles are added. Regardless, a digital skills gap continues to make workforce planning a serious challenge, one that could jeopardize the future of many enterprises. Continuous reskilling and upskilling have become essential, not just to handle new functions, but to fill in the spaces that emerge as the allocation of turf between humans and technology is continually redrawn.

Culture and COVID-19

Across industries and throughout business operations, elevating the digital skills of employees has become imperative. If for nothing else, it enables effective collaboration between colleagues, partners and customers via various channels. A workforce versed in technology can also help their companies respond to change quickly and better compete. And, of course, there’s the cost savings of streamlined operations and a remote workforce. The latter has earned a permanent place in business to at least some degree due to the success of the pandemic migration.

Of course, many tasks are becoming more reliant on advanced technologies. From remote diagnosis in telehealth to digital twins in manufacturing to predictive analytics in so many industries, progress holds tremendous promise. However, few tech developments will bear fruit for a company if they fail to provide the right training, especially for nontech professionals. To cultivate the right digital chops, companies must create a culture that emphasizes ongoing learning and training for employees.

In some ways, COVID-19 has actually moved progress forward. Many organizations enlisted new technologies to handle issues from physical distancing to supply chain disruptions due to closings and delays. In particular, many were able to ramp up digital learning initiatives, which in turn has expedited their overall digital transformations.

This trend will continue long after the pandemic has passed. In fact, a recent Gartner survey of human resources, legal and compliance leaders showed that 82% of respondents intend to permit remote working some of the time after employees can return to offices, and nearly half say they’ll allow staff to work remotely full time.

New Approaches

For enterprises, facilitating the digital skills development of employees across departments and locations requires new learning approaches. Traditionally, many organizations favored instructor-led, classroom-based, face-to-face training. In-person instruction offers benefits like heightened engagement and prompt feedback. But while that may help the transfer-of-knowledge, face-to-face isn’t practical for delivering complex upskilling and reskilling programs at scale cost-effectively, especially when a workforce is spread across the globe.

The pandemic effectively brought classroom-based instruction to a halt, while opening the floodgates to virtual instructor-led training (VILT) and self-paced learning. With social distancing, many enterprises quickly discovered the flexibility of self-paced programs is particularly ideal for large-scale training. It offers control over when and how employees engage in learning, yet enables them to progress on their own and customize experiences rather than follow a rigid program and schedule that might conflict with activities on the home front.

Still, while moving training online can serve larger audiences, proper tools and processes are critical for tracking and supervising. Without these, training effectiveness will actually decline. That said, self-paced learning should leverage technology that ensures learning continuity for every employee, real-time support and feedback, tracking of progress, as well as the ability to gather usage analytics that instructors can draw upon to fine-tune their efforts.

Virtual Gets Real

Virtual training can optimize the implementation and use of new self-paced and hybrid learning methods. Through advanced cloud technologies – particularly time-saving business acceleration clouds (BAC) that feature purpose-built tools – organizations can provide realistic, personalized environments. Most important, they can offer hands-on experiences on the same software and tools employees will use on the job.

The latter, the learning-by-doing method, is on its own proven to dramatically improve knowledge transfer.

If an environment freezes, crashes or the employee encounters any other technical issue when training, they can simply start over without fear of damage. This is because the environments are safely isolated, enabling them to learn from their mistakes and overcome hesitancies. Additionally, training leaders can examine data and analytics to understand environment usage, effectively calculate program costs, accurately assess class-to-class performance, determine instructor success and more.

As technology, business and social trends continue to reshape the workplace, flexible, real-world learning that can speed digital skills development and allow a company to adapt and pivot is vital. It’s clear virtual capabilities bring real benefits for training at scale, whether it’s for a changed or expanded role or a changing and expanding company.

Amir Hofman is chief product officer at CloudShare. He has deep expertise in technical architecture and software development, having led large global operations and multifunctional teams involved in product creation, engineering and user experience (UX). Previously, he was vice president of product for event platform company Bizzabo. Prior to that he held the same position for enabely, the training platform formerly called Time to Know. You may follow him on LinkedIn or @CloudShare on Twitter.

Mar 15

5 Things MSPs Should Consider When Evaluating EDR

By | Managed Services News

MSPs should evaluate the needs EDR will satisfy, the level of effort it takes to implement, and how EDR fits into their overall service offering.

Buzzwords and acronyms abound in the MSP industry, an unfortunate byproduct of marketing years in the making. Cybersecurity is a hot watercooler topic at any business. Well, now probably more likely a virtual happy hour than a watercooler, but, nevertheless, cybersecurity remains top of mind.

To sleep at night, MSPs feel they must enhance or expand their security offerings beyond the standard layers, like firewalls, firewall filtering, Active Directory protocols, DNS filtering and antivirus/malware detection. One of the ways many MSPs feel they can satiate their cybersecurity concerns involves buzzword-y new acronyms floating around involving “EDR” or endpoint detection and response. But what is EDR really, and what can it do for MSPs and their clients?

But, first, besides EDR, there’s also ADR, MDR, xDR … The industry can surely expect newer blank-DR acronyms to come in the next few years. What are all these acronyms, and how do they help MSPs protect their clients? Here are a few definitions:

  • EDR (endpoint detection and response): Technically, every security agent sitting on an endpoint is an EDR solution. The information the agents feed back to administrators determines what action to take and when.
  • ADR (automatic detection and response): Newer technology allows the agent to automatically make a decision without human intervention. Ideally, ADR automatically remediates a situation and reports to the administrators on action taken.
  • xDR: This newer acronym refers to agents across a network communicating to make a remediation decision or report decisions across multiple endpoints.
  • MDR (managed detection and response): A best-of-breed solution using EDR, ADR and possibly xDR tools in various combinations, MDR allows a human team to make decisions and respond to situations. While more complex and administration-heavy, MDR closes the gap that arises when suspicious applications are being monitored and observed, but not reacted to by an ADR or xDR solution. Human-driven MDR ferrets out the suspicious and reacts.

Here are five things MSPs should consider when evaluating EDR solutions.

1. All security tools with an endpoint agent are basically EDR.

Their job is to detect malicious code, applications, scripts or other malicious files and make a status determination on the fly. Most security agents use various methods like physically scanning file hashes, scanning file content, watching behaviors, looking at scripts and detecting known attack surfaces to try to ascertain if a newly encountered file is good or bad.

How the security agent reports its activity depends on the EDR tool. So, while many security tools claim they offer an “EDR” solution, the key is to determine the level of threat, suspicions, and action taken in reporting or alerting that adds value for MSPs.

2. The “R,” or response, is key to a successful EDR solution.

While many security tools report and alert, the level of response is the most important aspect of any security practice. If the security agent provides minimal information for decision making, it’s of limited use to the technical personnel responsible for intervening.

On the other hand, technicians can take advantage of security tools with consoles that display alerts, reports and visibility into whether an agent responded, how the agent responded and the agent’s current status. Too often, tools don’t provide the insight needed to review threat data or compare it against references such as the MITRE ATT&CK framework or other sites with relevant threat information.

Solutions with more comprehensive APIs are advantageous for custom review, integration into more dedicated threat review tools, or for alerting through a log gathering and reporting tool. APIs are valuable for providing added information from which human technicians can make decisions.

3. What can be done with the EDR information? Is it actionable?

Once a tool has been selected, what should be done with the information it provides? Answering this is key to

Mar 15

Tealium, Commvault Vet to Oversee Druva Partners

By | Managed Services News

Robert Brower says Druva Partners have “tremendous” opportunity in front of them.

Robert Brower, previously with Tealium and Commvault, is the new senior vice president of worldwide partners and alliances at Druva.

Brower will oversee Druva’s expanding channel program, Druva Compass. The company introduced the program in 2019.

He’ll also oversee strategic partnerships with companies like Amazon Web Services (AWS) and VMware. Furthermore, he’ll play a key role in building new partnerships. He’ll expand Druva’s partner network and identify new opportunities for future growth.

Druva hired Brower as vice president of strategic operations and chief of staff last summer. In that role, he led companywide strategic projects and product operations.

Helping Partners Succeed in Cloud

Druva’s Robert Brower

Brower said Druva partners have a “tremendous opportunity in front of them.”

“The business world is moving to the cloud at a breakneck pace,” he said. “And Druva’s partners are the experts to guide organizations through this transition and, ultimately, be successful in the cloud. I want to make sure our partners have the programs and capabilities readily available to help customers thrive in the cloud and effectively protect their data there.”

Prior to joining Druva, Brower worked for Tealium. There, he built its technical alliances program and was responsible for doubling prior year bookings through partners within two quarters.

Before that, he spent more than 13 years at Commvault. There, he led various organizations, including customer experience, professional services, and the customer education organization.

The Compass program continues to grow year over year, Brower said.

“We have seen core partners be able to grow their business by well over 100% annually in top-line revenues through their work with us,” he said. “This year, our goal is to expand the program’s scale, expanding Druva’s offerings in new markets, with new programs and expanded distribution. I’m very excited about the coming launches and expansions in our fiscal year 2022.”

Biggest Partner Challenge

The biggest challenge for partners, and for all businesses right now, is maintaining visibility and security over data saved in more devices and more places than ever before, Brower said.

“Partners, and their customers, who still rely on on-premises solutions simply cannot keep up,” he said. “On the flip side, those that have built strong cloud practices are straining to meet the demand of the moment. I see our role in all of this as twofold: Help those partners still straddling the line between cloud and on-premises to take the leap, and guide them on the journey of building outstanding service offerings for their customers based on the Druva Cloud Platform. [And] help those partners with more established cloud expertise scale their operations and streamline processes so they can help even more customers deploy and maintain cloud-based solutions.”

Many VARs with businesses based on traditional products and services find themselves trapped in supply-chain issues, Brower said. They’re stuck with solutions that no longer address customer requirements and challenges managing capacity and capital.

“In a year’s time, I look forward to congratulating our newest partners that left all these issues behind and are now building robust, modern data protection solutions for their customers in the cloud based on Druva,” he said. “The programs and offerings in the … Compass partner program can and will help them accelerate their growth and business value, with Druva supporting that successful transformation.”

Brower the ‘Perfect Leader’

Chris White is Druva’s chief revenue officer.

“Data protection is an ideal use case for the cloud, and our channel program is only accelerating as partners expand their cloud expertise and range of cloud-based offerings,” he said. “Robert’s extensive track record, impressive relationships built over years with partners, and decade-plus of experience in the industry make him the perfect leader to help our organization build on this momentum and achieve new heights.”

Mar 15

3 Ransomware Myths SMBs Unfortunately Believe

By | Managed Services News

Smaller organizations are a prime ransomware target, and their “protections” may not be sufficient.

Despite the rising ransomware numbers and the numerous related headlines, many small and midsize businesses (SMBs) still don’t consider themselves at risk from cyberattacks. Nothing could be further from the truth.

Smaller organizations are a prime ransomware target, and ransomware authors have only upped the ante in their methods to ensure they get paid. For example, many ransomware groups now threaten to expose or sell company data stolen in a breach if victims refuse to pay, meaning the business in question could have to shell out for heavy fines due to GDPR and similar regulations. In many cases, paying the ransom may be the most cost effective (and least publicly embarrassing) option.

But what if your business can’t afford it? Or if the downtime from the attack is too much to recover from? And what’s the long-term psychological and emotional toll?

Here are three myths about ransomware that businesses need to stop believing to stay resilient against these evolving and insidious attacks.

Myth 1: My company is small, so attackers won’t bother.

Today, any business is a target for ransomware, no matter its size. Since 2018, up to 86% of SMBs have reported being victims of ransomware each year. And, according to Verizon, “[Ransomware] is a big problem that is getting bigger, and the data indicates a lack of protection from this type of malware in organizations.”

We’ve put this myth at the top of our list because it’s particularly dangerous. For many small organizations, a single cyberattack could put them out of business. Bigger enterprises with more robust data recovery and bigger security budgets are much more likely to weather an attack, while a smaller business may have no way of making up for the loss of time, revenue, and damage to customer trust that an attack could have.

Ransomware is not going away, and it’s getting more costly for SMBs. Businesses can’t afford to underestimate the risk.

Myth 2: There’s no way to prepare for a ransomware attack.

The sad truth in today’s cyber climate is that an attack is practically inevitable. The trick is reducing the likelihood of an attack, and making sure critical data is protected in case an attack succeeds. To prepare your business to weather the storm, there are a few key steps you can take.

  • Proactively defend against ransomware attacks.
    Ransomware typically gets into an organization by tricking a user into downloading a file and/or enabling macros. Combining reliable endpoint protection that can stop macros and malicious scripts with security awareness training for end users is an excellent step toward a proactive and in-depth defense.
  • Protect your data.
    The ransomware business model works because losing access to your data can cause serious damage. A strong backup solution is vital. Full-server backups or asking end users to manage their own backups aren’t the most feasible options. But with the right solution set, there are significantly more efficient ways to ensure data on endpoint devices, servers and within the Microsoft 365 suite is secured.

Myth 3: I already have a backup, so I’m safe.

If your business gets hit with an attack, you can and should expect some downtime. And if we accept the maxim “time is money,” then any amount of downtime is costly and potentially damaging. Having backups in place is crucial, but you also need to be able to recover the data you need quickly from safe backups that haven’t also been infected with the ransomware.

Bigger organizations have more resources to invest in redundant servers in secondary locations, but these protections can come at too high a cost for many SMBs. If that sounds like you, you’re not alone. We recommend you look into disaster recovery as a service (DRaaS) so you can leverage the cloud to ensure that critical business systems are online and accessible, no matter what happens on your network.

Next Steps

The one-two combination of proactive prevention and recovery is key for staying cyber resilient. If you start working to address the tips in this blog, you’ll drastically improve your chances of avoiding a ransomware attack entirely–and getting through it successfully if you do get breached.

For more details on these and other misconceptions to watch out for, get your free copy of our guide, Rip the Target Off Your Back: Debunking the Top 5 Myths about Ransomware and SMBs.


Justine Kurtz has crafted the voice of Webroot for nearly a decade. As senior copywriter, she partners with clients across the organization (and the globe) to communicate the value Webroot solutions bring to businesses, consumers and technology partners alike.

This guest blog is part of a Channel Futures sponsorship.

Mar 12

Cisco Report: DNS Activity Shows Glut of Phishing, Trojans, More

By | Managed Services News

In today’s threat landscape, the idea that no one is an island holds true for threats.

A majority of Cisco customers encountered malicious DNS activity last year, with high percentages of phishing, malvertising, malicious spam, trojans and more.

Cisco’s Threat Trends: DNS Security report analyzed data from Cisco Umbrella, the company’s cloud-based network security platform.

DNS, or domain name system, connects browsers to websites. DNS can be an attractive mechanism for malicious activities.

Among the DNS activity findings: Users in 70% of organizations got malicious browser ads. Furthermore, 51% of organizations encountered ransomware-related activity. Another 48% found information-stealing malware activity.

Cisco’s Ben Nahorney

Ben Nahorney is a threat intelligence analyst at Cisco Security.

“In today’s threat landscape, the idea that ‘no one is an island’ holds true for threats,” he said. “The most prevalent attacks these days leverage a variety of threats at different stages. For example, let’s look at how Emotet is often delivered by phishing in order to deploy Ryuk as a payload. If you find one threat within your network, it’s wise to investigate what threats have been observed working in tandem with it and take precautionary measures to prevent them from causing further havoc.”

Austin McBride is a data scientist at Cisco Umbrella.

“What I want to highlight most would be the growth in usage of multi-staged attacks,” he said. “If you get hit with Emotet, there is a good chance you could get hit with follow-up malware like ransomware. So, if you see Emotet or Ursnif/Gozi in your logs, you might want to be on the lookout for follow-up malware.”

Impact of Cryptomining

Cisco’s Austin McBride

Cryptomining impacted some 69% of organizations. That means at least one endpoint within an organization attempted to mine cryptocurrency above a minimum threshold.

“Organizational impact depends on the extent of mining happening in that environment,” McBride said. “At its most basic level, cryptomining can reduce the life of your hardware, clog your bandwidth, and drive up your AWS compute costs depending on how the miner has been configured. In the worst-case scenario, a malicious actor infiltrated your environment and set up a miner to make passive income while they perused your environment for data to exfiltrate or to exploit your environment further with follow-up malware. Bottom line, if you see a lot of cryptomining traffic, you should investigate to avoid a potential indicator of compromise (IOC).”

Our slideshow above shows the list of malicious DNS activity.

Mar 12

2020 State of the Channel Ransomware Report

By | Managed Services News

Datto surveyed more than 1,400 MSPs about ransomware and published the key takeaways in this report.

Datto surveyed more than 1,400 managed service providers (MSPs) around the world about ransomware and published the key takeaways in this report. Download the report today to unlock new year over year trends, statistics, and recommendations for ensuring recoverability in the face of this growing cyber threat.

In this report, you will find:

  • New data on ransomware attack frequency across SMBs and MSPs
  • The true cost of downtime from ransomware attacks
  • Ransomware defense measures global MSPs are implementing
  • Popular ransomware recovery methods from your peers
  • And More!


Mar 12

Barracuda CloudGen Access to Increase MSPs’ Security Capabilities

By | Managed Services News

To stay relevant and competitive, MSPs must embrace both IT security and data protection.

Barracuda has expanded its portfolio to include CloudGen Access for MSPs. It’s also updated its remote monitoring and management (RMM) platform.

Barracuda CloudGen Access makes zero-trust network access (ZTNA) capabilities available to the company’s MSP partners.

Enhancements to Barracuda’s cloud-based RMM platform, now called Barracuda RMM, deliver expanded integrations, improved Microsoft patch management capabilities and more. The RMM platform was formerly known as Managed Workplace.

Brian Babineau is Barracuda’s senior vice president and general manager of MSP solutions.

Barracuda’s Brian Babineau

“To stay relevant and competitive, MSPs must embrace both IT security and data protection,” he said. “In expanding the capabilities of Barracuda RMM, our goal is not to build the industry’s best RMM, but to build the best security-centric RMM.”

One of the Barracuda RMM updates is the integration of Intronis Backup, Babineau said.

“Now, MSPs can deploy, monitor and manage their Intronis Backup from within Barracuda RMM,” he said. “This includes setting up alerts to monitor the progress of their Intronis Backup. Barracuda RMM also generates Intronis Backup reports, which helps MSPs demonstrate the value of their services to their customers. Further, we are also introducing a new RMM migration service.”

Through this new service, Barracuda’s MSP experts will set up and configure Barracuda RMM with security and industry best practices for its MSP partners and their customers, Babineau said.

“As organizations continue to adapt to hybrid work scenarios to support their growing remote workforces, the introduction of these and other enhancements to Barracuda RMM are necessary next steps in our commitment to supporting MSPs in their security-centric journey,” he said.

Stronger Customer Security

Barracuda initially launched Barracuda CloudGen Access in November following the company’s acquisition of Fyde. Adding multitenant management for CloudGen Access makes it easier for MSPs to deploy and manage, while adding value. Adding monthly pricing options does as well, the company said.

“Barracuda CloudGen Access provides MSPs with a competitive advantage,” Babineau said. “It enables them to easily expand their security services to protect customers’ resources and implement control for any unmanaged BYOD devices without making changes to customers’ existing workflows. With Barracuda CloudGen Access for MSPs, our partners can also demonstrate increased value and strengthen the security posture of their customers by safeguarding against a breach caused by a potentially insecure or compromised device. Further, they are better able to position themselves to drive business continuity, customer productivity and mitigate business transformation risk for customers.”

Mar 12

Nation-State Cyberattacks: SolarWinds, Microsoft Just the Beginning

By | Managed Services News

There’s likely another massive nation-state attack taking place undetected right now.

As SolarWinds and Microsoft continue dealing with massive nation-state cyberattacks, there’s no doubt another big one is taking place right now that nobody knows about.

That’s according to Eric Bednash, RackTop Systems’ CEO. He sees a rise in nation-state cyberattacks destabilizing the United States. He points to SolarWinds and Microsoft as recent examples, and says there will be more nation-state cyberattacks in the name of destabilizing U.S. democracy.

The National Security Agency (NSA) recruited Bednash as a white-hat hacker after 9/11. Later, he co-founded RackTop to defend against nation-state cyberattack scenarios.

In a Q&A with Channel Futures, Bednash talks about the growing threat of nation-state cyberattacks.

Channel Futures: How are nation-state cyberattacks like SolarWinds and Microsoft destabilizing the U.S.?

Eric Bednash: When you get a supply-chain attack like SolarWinds, it starts to erode the trust that you have in these products to run these systems and serve customers, or move money or anything like that. And then as soon as you lose trust, then you have fear. Then fear leads to irrational behavior and knee-jerk decision making. And the next thing you know, it’s like this whole system starts to break down, and you can have this big destabilizing effect and it’s like dominoes.

RackTop Systems’ Eric Bednash

The most tangible non-IT related event to reference is the pandemic. That had a massive impact on our economy, so you just apply that and think about a critical system, like Microsoft’s email systems. There are millions of people that rely on that to provide services and even the government to other people and other citizens. And the minute that starts to break down, that trust starts to break down. That’s when things start to fall apart. And that’s really what I think the bigger issue is with some of these more critical attacks like SolarWinds. The effects are much deeper than just putting out a patch and affecting a small number of people.

CF: Why are nation-states increasingly carrying out these attacks? And how are these nation-state cyberattacks succeeding?

EB: Motives are going to vary across the board. If you look at nation-states, this really comes down to resources — so people, money and time. These are well-funded organizations with highly skilled people with time on their hands and a strategic, specific objective. And those objectives vary. So the objective could be anything from, as we saw a couple of years ago, interference in an election. It could be to interrupt commerce. It could be to obtain information. So, really, the motives are going to vary across the board.

And then how are they succeeding? It really comes down to — they have the means to succeed. I think that’s the real difference between some random person who learns about an exploit or vulnerability and then uses some tool to hack into somebody’s system. There’s a big difference between that and a nation-state attack, which is applying resources, people and time to achieve a strategic, specific objective, whatever that may be, and then executing on that. I think those are the ones like SolarWinds and others. Those are the ones that hurt the most. And you have the deepest impact to our economy or to our government.

CF: What sort of continued fallout/damage are you anticipating from the Microsoft nation-state cyberattack?

EB: The continued fallout is you’re not really going to know how …
