Cybercriminals are becoming bolder; their tactics are rapidly evolving, and the targets they choose are more diverse. "Safe zones" are a thing of the past with critical infrastructure, essential services and even nonprofit organizations facing the constant threat of cyberattacks.

In fact, ransomware and extortion incidents surged by 67% in 2023, according to NTT Security Holdings' recently released 2024 Global Threat Intelligence Report. As the frontline defenders for countless businesses and organizations, these bolder cybercriminals are a challenge for MSPs in their attempts to protect their clients and partners. There are strategies that MSPs must carefully consider to effectively safeguard their clients.

Critical Infrastructure Under Siege

The 2024 report doesn't quite show the brightest future for critical infrastructure sectors, power grids, financial institutions and supply chains facing greater risks from cyberattacks. These sectors rely on near-perfect uptime, meaning even minor disruptions can have cascading effects on entire groups.

For MSPs, this translates to a heightened need for specialized security solutions and incident response plans tailored to these critical industries. This includes prioritizing threat intelligence focused on these sectors, implementing reliable data backup and recovery systems, and conducting regular penetration testing to identify and address vulnerabilities before they are exploited.

Evolving Tactics and No-Go Zones Disappearing

Another worrying trend concerns ransomware operators abandoning previous ethical boundaries and targeting sectors previously considered off-limits, including healthcare, nonprofits and energy companies.

This necessitates a shift in the way MSPs approach security. They must now prepare for attacks that exploit sensitive data and be equipped to handle the ethical dilemmas associated with ransom negotiations. This may involve collaborating with law enforcement agencies, engaging in ethical hacking techniques to recover data and developing communication strategies for handling public disclosures in case of breaches.

SMEs: The Most Vulnerable

The report also revealed a concerning vulnerability among SMEs, with over half of ransomware victims falling within this category. This indicates a lack of adequate security resources in these businesses.

MSPs play a crucial role in bridging this gap by offering affordable, scalable security solutions specifically designed for the needs of SMEs. This includes providing managed endpoint protection, vulnerability scanning and patching services and security awareness training for employees.

Additionally, MSPs can advocate for government initiatives and industry collaborations to create accessible security resources and financial support for smaller organizations.

Zero-Day Exploits and AI-Powered Threats

The constant emergence of vulnerabilities and the rapid adoption of AI by malicious actors pose a challenge to traditional security measures. It’s being suggested that MSPs need to implement a multi-layered strategy that combines continuous vulnerability scanning and patching with threat intelligence solutions and proactive threat hunting.

Furthermore, incorporating AI-powered security tools are crucial in countering tactics used by attackers. This includes using machine learning algorithms to identify suspicious network activity, automate incident response and analyze vast datasets to predict and prevent future attacks.

Humans are the Weakest Link: A Growing Problem

And finally, the report talks about the increasing human factor in cybersecurity breaches, with the expanding attack surface created by hybrid cloud environments, BYOD policies and third-party integrations further exacerbating the issue.

So how do MSPs handle this?

MSPs need to prioritize comprehensive security awareness training for their clients' employees. The training needs to focus on phishing detection, password hygiene and best practices for secure remote work. From personal experience, after chatting with a friend who asked about an email they got, red flags of a phishing email were eventually noticed with the occasional spelling of the company name being the main red flag. However, they (the friend) said that wasn’t what they noticed at first and thought the email was legit. The email address had the company name in it, and the malicious actor used a photo and information from the hiring manager’s LinkedIn profile.

So, the point being? Attackers are clever, and training that expands beyond looking at email addresses or the subject lines (instead, training focused on looking at other various red flags that most would not normally notice) is needed when trying to fight against phishing.

Additionally, MSPs should advocate for streamlined cybersecurity workflows and consolidation of security tools to minimize staff fatigue and burnout. This could involve incorporating centralized dashboards, automating routine tasks and providing clear communication channels for reporting suspicious activity.

By addressing the human factor, MSPs can reduce the risk of successful cyberattacks and improve overall security posture within their client organizations.

“Our 2023 report highlighted the increase in cyberthreats affecting day to day life, economic conditions, and privacy,” said Jeremy Nichols, NTT Security Holdings' Global Threat Intelligence Center director. “Organizations are struggling to defend against routine exploitation, malware and ransom or extortion threats.”

MSPs are the ones in the best position to safeguard these organizations from more sophisticated attacks. As mentioned at the start of this article, they need the right strategies in place to effectively safeguard their clients.