The US Secret Service sent out a security alert last month to the US private sector and government organizations warning about an increase in hacks of managed service providers (MSPs). From a report: MSPs provide remote management software for companies. MSPs can be simple services like file-sharing systems to complete solutions that manage a customer’s entire computer fleet. Most MSP services are built around a server-client software architecture. The server part can be remotely hosted with the MSP inside a clout infrastructure, or installed on-premise with the client. Usually, getting access to the server component of an MSP grants an attacker full control of all software clients. In a security alert sent out on June 12, Secret Service officials said their investigations team (GIOC — Global Investigations Operations Center) has been seeing an increase in incidents where hackers breach MSP solutions and use them as a springboard into the internal networks of the MSP’s customers. Secret Service officials said they’ve been seeing threat actors use hacked MSPs to carry out attacks against point-of-sale systems, to perform business email compromise (BEC) scams, and to deploy ransomware.

Read more of this story at Slashdot.

Source: Slashdot – US Secret Service Reports an Increase in Hacked Managed Service Providers