MSP TODAY NEWS

Synoptek Becomes Latest MSP Victim of Ransomware Attack

By Laura Stotler

MSPs have increasingly become targets for ransomware attacks, and Irvine, CA-based Synoptek was the latest business to succumb. The company, which offers cloud hosting and IT management services and boasts more than 1,100 customers throughout the US, suffered an attack just before the holiday season. The incident reportedly disrupted operations for many of the company’s clients, with employees at impacted companies taking to Reddit to complain about the outage.

Unlike some other MSPs recently attacked, which opted to try to restore services and data from backups and other methods, Synoptek reportedly paid an unspecified ransom sum to restore operations as quickly as possible. Company employees have confirmed the MSP was hit with the Sodinokibi ransomware strain, which is also known as “rEvil.” The strain, which was installed by a remote management tool, works by encrypting data and demanding a crytocurrency payment. Once the payment is made, attackers will theoretically turn over a digital key to unlock access to the affected systems.

Synoptek, whose customers span a variety of industries including state and local governments, retail, software, media, manufacturing, healthcare and financial services, has remained relatively quiet about the incident. The company did verify on Twitter on December 23 that it had experienced a “credential compromise which has been contained.” The company also “took immediate action and have been working diligently with customers to remediate the situation.”

Complete Technology, an IT services company based in Colorado, was also the victim of a Sodinokibi attack earlier in December, resulting in ransomware being installed on the computers of more than 100 of its dentist customers. And when PerCSoft, an IT provider in Wisconsin, was hit in August by the strain, more than 400 customers were impacted. Data center provider CyrusOne was also attacked by the Sodinokibi ransomware strain in December, impacting six of its MSP customers in the New York area.

The attacks highlight the importance of increased cybersecurity measures, particularly for MSPs, who have increasingly become prime targets. Remote monitoring and management (RMM) tools offer a key way for attackers to gain access to systems and hold service providers’ and their customers’ data hostage. The variety of customer data accessible through MSP servers and systems makes them even more appealing to cybercriminals, and caused the Homeland Security Department to issue a warning last year about a campaign of MSP attacks linked to the Chinese government.

Service providers can get ahead of ransomware attacks by applying software patches early and often and using strong passwords and changing them regularly. Routine data backups as well as the practice of keeping backup files off-line and off-site are also important measures MSPs can take, along with being extremely cautious about opening unsolicited email attachments and not enabling macros attached to emails.

For additional information about ransomware attacks and the security measures MSPs can take to prevent them, TMC is hosting its MSP Expo in Fort Lauderdale, FL from February 12-14. The event will offer information about technology, hacking threats and cybersecurity steps MSPs can take to protect themselves and their customers.




Edited by Maurice Nagle

MSPToday Contributing Editor

SHARE THIS ARTICLE
Related Articles

MDR Provider for MSPs Huntress Tracks Down $18 Million Funding Round

By: Laura Stotler    2/21/2020

Huntress, a company that provides SaaS managed detection and response (MDR) solutions for MSPs and VARs to deliver to SMBs, has scored an $18 million …

Read More

Pax8 and Novacoast Announce Security Operations Center Strategic Partnership at ITEXPO

By: Arti Loftus    2/21/2020

With all its benefits, cloud hosting, storage, and computing are increasingly vulnerable to cyber threats, and at ITEXPO this week in Ft. Lauderdale, …

Read More

As Digital Transformation Continues in the Enterprise Cybersecurity World, One Company Reaches for the Cloud to Supercharge Analyst Productivity

By: Arti Loftus    2/21/2020

It's no secret that managing security within enterprises, organizations, and small and medium businesses have become exponentially more complex as mor…

Read More

Federated Wireless Launches 4G/5G Private Networks Through Azure and AWS

By: Ken Briodagh    2/21/2020

Federated Wireless recently announced a new Connectivity-as-as-Service offering that reportedly lets U.S. enterprises buy and deploy private 4G and 5G…

Read More

When Labor Markets are Tight, a Blended Workforce Could be the Answer

By: Bill Yates    2/20/2020

Managed Services Providers (MSPs) can gain flexibility and operational efficiency by moving to a blended workforce. By combining full-time staff with …

Read More