NetStandard, a US managed service provider, suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, Sharepoint, and CRM services. According to an email sent to MyAppsAnywhere customers shared on Reddit, the company detected signs of a cyberattack on Tuesday morning and quickly shut down cloud services to prevent the attack’s spread.
Threat actors are looking for the greatest return for their cyberattack efforts with MSPs proving to be the proverbial Golden Goose. While shutting everything down might seem extreme, when it comes to halting an attack it is very effective. It contains the impact and buys the affected organisation time to determine what has happened.
The information around the NetStandard attack is limited but it shows just how far reaching compromising a single organisation can be. This incident is a timely reminder that, as organisations continue to migrate to the cloud, third-party interdependencies have the potential to increase risk.
That does not mean that outsourcing is the issue here, just that organisations must take a risk based approach in doing so. At the very least, take time to evaluate what and, perhaps even more importantly, who you’re delegating to and what security precautions are in place. As part of your own risk profile, take time to understand the risks your third-parties are exposed to. For example, if you know that an MSP is reliant on VMWare or any Cloud provider and a vulnerability is identified then that increases its risk profile and by association yours. Understand who is responsible for securing what.
If using a full security-as-a-service solution then you’re trusting the provider to ensure everything is secure, whereas if it’s a platform-as-a-service provider then application security is your responsibility. It might not always be that clear cut but agreeing that ahead of deployment should prevent a world of pain further down the track.
Finally determine a potential exit strategy – what is where and how you will reverse this should the need arise, as part of your risk management.”