{"id":25316,"date":"2021-10-20T15:21:18","date_gmt":"2021-10-20T14:21:18","guid":{"rendered":"https:\/\/www.n-able.com\/?p=25316"},"modified":"2025-05-23T14:06:47","modified_gmt":"2025-05-23T13:06:47","slug":"our-friends-were-hit-by-an-impossible-cyberstorm-its-time-we-all-change","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/it\/blog\/our-friends-were-hit-by-an-impossible-cyberstorm-its-time-we-all-change","title":{"rendered":"Our friends were hit by an impossible cyberstorm. It\u2019s time we all change"},"content":{"rendered":"

A common clich\u00e9 in cybersecurity is, it\u2019s not a question of if you get attacked, but when.<\/i> We witnessed this firsthand when our former parent company was part of a major attack last year. While N‑able products weren\u2019t affected, it was difficult to watch friends and colleagues deal with the aftermath of an event of that magnitude.<\/p>\n

There\u2019s not much we can say about it that isn\u2019t public record, but we want to address how it changed our outlook, and what we\u2019re doing to help protect ourselves, you, and your customers.<\/p>\n

Risk has changed<\/h2>\n

We\u2019re playing a different game these days. It\u2019s not just our former parent company\u2014other major tech companies were part of the same breach. And other MSP vendors recently faced down major breaches as well. We saw the gas pipeline in the southeast United States shut down for days over a breached password<\/span><\/a>.<\/p>\n

It\u2019s a trend\u2014large-scale attacks continue proliferating to devastating effects.<\/p>\n

These are only the attacks that make the news. Each day, small businesses get hit. Some may come from cybercriminal gangs or from individuals purchasing malware off the dark web<\/a>, but today\u2019s cybercriminals share resources and run like businesses. This puts everyone at risk\u2014serious risk.<\/p>\n

It comes down to this: we\u2019re all part of the supply chain, and we must think about ourselves this way. <\/i>We cannot think of ourselves as separate. Even though larger vendors make news, smaller companies can get hit with variations on those same attacks.<\/p>\n

In the physical world, businesses can get robbed at any minute. Banks have higher levels of security\u2014from alarm systems on the doors to emergency buttons that automatically call police under tellers\u2019 desks\u2014because they keep so much cash on hand, making them high-value targets. Retail stores often lack this level of security due to lower levels of risk. Many convenience stores open later at night\u2014or in areas where crime remains high\u2014have high levels of security due to a lower barrier of an attack, like cages or bulletproof glass between the cashier and customers.<\/p>\n

Cybercriminals now have numerous advantage. First, they can attack businesses that don\u2019t have cash on hand, like a medical office or a tech company. These are both high-value targets because of their access financial and data information. Second, the barrier to entry is lower due to the malware-as-a-service trend, where cybercriminals resell their malware to others who lack the hacking skills. Third, they can often get away with it more easily because they are able to hide their tracks by deleting logs or even showing up at the business if they\u2019re in another country (leading to jurisdictional issues that can turn crime into a profit). Plus, cryptocurrencies hide transactions well enough that criminals can further prevent their identities from becoming public.<\/p>\n

All this means we\u2019re facing new levels of business risk, and companies need to make sure to tackle it accordingly.<\/p>\n

What we\u2019re doing to help<\/h2>\n

Over the next few blogs, we\u2019ll go into greater depth on how we\u2019re protecting the broader supply chain, from our own infrastructure and products to you and your customers. For now, let\u2019s cover the broad strokes.<\/p>\n