Unintended IP Theft, ‘Script Kiddies’ Are Massive Threats MSPs Can’t Ignore: CISA Advisor
While cyberattacks on the whole have grown more sophisticated, certain basic attacks are a concern for less-obvious reasons, says CISA cybersecurity advisor Brad Manuel.
While cyberattacks on the whole have grown more sophisticated in recent years, certain basic attacks remain a huge threat that may be flying under the radar for some MSPs, according to Brad Manuel, a cybersecurity advisor for the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
During a session Tuesday at XChange Security 2024, Manuel, who is also a state coordinator for CISA, warned MSPs to not ignore the threat of “script kiddie” attacks. While such attacks may not be particularly advanced, the threat actors—who are typically younger and have few hacking skills—present a serious risk for different reasons yet are “often overlooked,” he said.
[Related: 10 Major Cyberattacks And Data Breaches In 2024 (So Far)]
“In my opinion, they're just as dangerous as a seasoned threat actor,” Manuel said. “The reason I say that is because, a seasoned threat actor actually understands the full scope and full effect of an attack. Whereas a script kiddie is just out there plugging away, not knowing really what they're doing.”
In a similar vein, Manuel encouraged MSPs to keep an eye on insider threats that are unintentional, in addition to the threats posed by malicious insiders within an organization.
“Even though an employee can be doing the best they possibly can, they also can be a threat at the same time,” he said at XChange Security 2024, which is hosted by CRN parent The Channel Company and being held this week in Dallas.
For instance, an employee could take IP home and put it on their home network, which could be unsecured, Manuel said.
“At that point, you've now lost all control of that intellectual property,” he said — even though “it was completely unintentional [and] they were trying to do the right thing.”
Resources For MSPs
Manuel also pointed out the numerous resources that CISA has made available that might be useful to MSPs as they seek to secure their customers. One such resource, Cyber Essentials, is aimed specifically at leaders within SMBs — and demonstrates “why it's so important to have leadership buy-in, and why it's so important for leaders to invest into their cybersecurity program,” he said.
Jack Skinner, CTO of Oversee My IT, a Lewisville, Texas-based MSP, said he has frequently utilized Cyber Essentials with his clients. And while participating in education events, “it is a resource that I pass out to everybody at every event,” Skinner said.
Overall, he applauded CISA’s efforts in offering a “vast amount of resources” for the general public as well as MSPs around security best practices.
Manuel pointed to other available CISA resources, as well, including around cyber tabletop exercises. One option is for MSPs to use CISA’s template to build a tabletop exercise themselves, he said.
Alternatively, “you can contact your regional cybersecurity adviser and work with us. And we'll actually customize a workshop for you,” Skinner said. “So if you need to go through your cybersecurity plan or your incident response plan, then we will help you build those resources.”