{"id":5967,"date":"2017-04-07T18:03:13","date_gmt":"2017-04-07T17:03:13","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5967"},"modified":"2021-04-08T19:00:11","modified_gmt":"2021-04-08T18:00:11","slug":"operation-cloud-hopper-wake-call-msps-and-it-service-providers","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers","title":{"rendered":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers"},"content":{"rendered":"<p>Operation \u201cCloud Hopper\u201d or Advanced Persistent Threat (APT) group 10 is focusing on compromising managed service providers (MSPs) to gain access to their customers\u2019 systems. This is a stark reminder of how dangerous the internet landscape is for both end-users and IT providers.<\/p>\n<p>It should come as no surprise that MSPs and IT providers make for excellent targets for cybercriminals\u2014the compromise of a single MSP can give access to multiple networks. This is something we have been publicly talking about for upwards of two years.<\/p>\n<p>You can read the full PwC\/BAE Systems\u00a0<a class=\"ext\" href=\"https:\/\/www.dropbox.com\/s\/mv4upc885f02hk5\/cloud-hopper-report-final-updated.pdf?dl=0\" target=\"_blank\" rel=\"noopener noreferrer\">report here<\/a>\u00a0(PDF warning)<\/p>\n<p>The Executive Summary states:<\/p>\n<p>\u201cOperation Cloud Hopper, has targeted managed IT service providers (MSPs), allowing APT10 unprecedented potential access to the intellectual property and sensitive data of those MSPs and their clients globally.<\/p>\n<p>\u201cAPT10 has recently unleashed a sustained campaign against MSPs. The compromise of MSP networks has provided broad and unprecedented access to MSP customer networks.<\/p>\n<ul>\n<li>Multiple MSPs were almost certainly being targeted from 2016 onwards, and it is likely that APT10 had already begun to do so from as early as 2014.<\/li>\n<li>MSP infrastructure has been used as part of a complex web of exfiltration routes spanning multiple victim networks.\u201d<\/li>\n<\/ul>\n<p>In some sense, it\u2019s almost flattering the MSP community has its own cyber protagonist; and for those MSPs and IT Providers obsessing about ransomware infections, the revelation of a justifiable some-what-scary APT group makes everyone concerned. However, here are some key items to take away from this and help ensure you\u2019re on your guard:<\/p>\n<ol>\n<li><b>First Things First<\/b>For all its sophistication, APT10 starts its attacks with a Phishing email, just like almost every common ransomware attack. If you are filtering email for your customers and for your own MSP organization, this is a great first-line of defense.<\/li>\n<li><b>Lock down your MSP systems\u00a0<\/b>This means controlling administrative privileges (for your customers too), using application and IP whitelisting, implementing Two-Factor Authentication (2FA), GPOs, and other security measures to control where and how applications can be installed.<\/li>\n<li><b>Scan your MSP administrative end-points for malware and use web protection (for your customers too)<\/b>APT10 will try and compromise an MSP end-point with a Trojan to get credentials to use against your customers, don\u2019t make it easy for them.<\/li>\n<li><b>Assess each of your customer\u2019s risks and respond with user security training, SIEM technology, and\/or additional security layers<\/b>APT10 is primarily interested in conducting espionage activities and exfiltration of data.<\/li>\n<li><b>As an additional precaution, if you are a SolarWinds RMM customer, please pay attention to the RMM LOGICcards<\/b>This is especially key for those relating to indications of compromise, typo squatting, and account tampering. Our data science team has invested a great deal of time and effort in warning against session hijack, password re-use, and account brute-force attacks to let you know if there may be a problem. So, if you receive a warning that something strange has been detected, it\u2019s time to investigate.<\/li>\n<\/ol>\n<p>I urge everyone to read the APT10 report. It is an excellent way for MSPs to examine their own security and open a discussion with customers on increasing the security for organizations at risk.<\/p>\n<div class=\"blog-author\">By Ian Thornton-Trump<\/div>\n<p class=\"no-ext\"><em>Ian Thornton-Trump, CSA+, CD, CEH, CNDA is CTO at\u00a0<a href=\"https:\/\/www.octopitech.com\/\" target=\"_blank\" rel=\"follow noopener\">Octopi Managed Services Inc<\/a>. Ian is an ITIL certified Information Technology (IT) consultant with more than 20 years of experience in IT security and information technology. He enjoys and maintains a strong commitment to the security community. From 1989 to 1992, Ian served with the Canadian Forces (CF), Military Intelligence Branch; in 2002, he joined the CF Military Police Reserves and retired as a Public Affairs Officer in 2013.<\/em><\/p>\n<p><em>You can follow Ian on Twitter\u00ae at\u00a0<a class=\"ext\" href=\"https:\/\/twitter.com\/phat_hobbit\" target=\"_blank\" rel=\"noopener noreferrer\">@phat_hobbit<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help&#8230;<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5967","post","type-post","status-publish","format-standard","hentry","topic-msp-business"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able<\/title>\n<meta name=\"description\" content=\"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able\" \/>\n<meta property=\"og:description\" content=\"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2017-04-07T17:03:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-08T18:00:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Guest\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Guest\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\"},\"author\":{\"name\":\"Guest\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\"},\"headline\":\"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers\",\"datePublished\":\"2017-04-07T18:03:13+01:00\",\"dateModified\":\"2021-04-08T18:00:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\"},\"wordCount\":618,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"articleSection\":[\"MSP Business\"],\"inLanguage\":\"es\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\",\"url\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\",\"name\":\"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/es#website\"},\"datePublished\":\"2017-04-07T18:03:13+01:00\",\"dateModified\":\"2021-04-08T18:00:11+00:00\",\"description\":\"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"MSP Business\",\"item\":\"https:\/\/www.n-able.com\/es\/blog\/category\/msp-business\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/es#website\",\"url\":\"https:\/\/www.n-able.com\/es\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/es#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/es?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/es#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/es\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/es#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7\",\"name\":\"Guest\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g\",\"caption\":\"Guest\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able","description":"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers","og_locale":"es_ES","og_type":"article","og_title":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able","og_description":"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.","og_url":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2017-04-07T17:03:13+00:00","article_modified_time":"2021-04-08T18:00:11+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Guest","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Escrito por":"Guest","Tiempo de lectura":"3 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers"},"author":{"name":"Guest","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7"},"headline":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers","datePublished":"2017-04-07T18:03:13+01:00","dateModified":"2021-04-08T18:00:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers"},"wordCount":618,"publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"articleSection":["MSP Business"],"inLanguage":"es"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers","url":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers","name":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/es#website"},"datePublished":"2017-04-07T18:03:13+01:00","dateModified":"2021-04-08T18:00:11+00:00","description":"Focused attacks show MSPs are far from immune to cyber attacks. Ian Trump looks at what MSPs need to know about APT10 and things that MSPs may implement to help defend themselves.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/es\/blog\/operation-cloud-hopper-wake-call-msps-and-it-service-providers#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"MSP Business","item":"https:\/\/www.n-able.com\/es\/blog\/category\/msp-business"},{"@type":"ListItem","position":2,"name":"Operation Cloud Hopper-A wake-up call for MSPs and IT service providers"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/es#website","url":"https:\/\/www.n-able.com\/es","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/es#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/es?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/es#organization","name":"N-able","url":"https:\/\/www.n-able.com\/es","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/es#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/es#\/schema\/person\/ee8cad7f258c4c0bbd8df129da8ba8c7","name":"Guest","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d82fa769eb9bf6d68cd57319e4d53994c06b1df8611c56b3842cc27f4cec1020?s=96&d=mm&r=g","caption":"Guest"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/5967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/comments?post=5967"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/posts\/5967\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/es\/wp-json\/wp\/v2\/media?parent=5967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}