DXC, Cognizant among high-profile providers that have been victims of cybercriminals this year
The Lowdown: The incident with the Plano, Texas-based company this month follows similar ransomware attacks on other solutions and service providers this year, including Cognizant, Conduent, and a subsidiary of systems integrator DXC Technology.
The Details: The attacks come amid warnings over the past couple of years from federal agencies like the Department of Homeland Security and the FBI that bad actors are targeting MSPs and systems integrators as avenues for getting into the corporate networks of their end customers through technologies like remote monitoring and management (RMM) solutions.
In the case of Tyler, officials said that on Sept. 23 they became aware of an intruder using ransomware to disrupt access to some internal systems. The company in a note on its website Sept. 26 said it had shut down access points to external systems and began working with third-party security and forensic experts, put targeted monitoring in place, and contacted the FBI.
It appears that the attack was directed at Tyler’s internal corporate network and phone systems and Tyler officials noted that the company hosts software for clients in an area separate and segregated from the internal corporate environment. No client systems appear to have been compromised, they said. However, the company noted that it had received reports of several suspicious log-ins to client systems and in the Sept. 26 note encouraged customers to “reset passwords on the remote network access for Tyler staff and the credentials that Tyler personnel would use to access your applications.”
The ransomware attack on Tyler also put a spotlight on cyberthreats to the country’s voting systems. The company’s Socrata Software-as-a-Service (SaaS) data platform includes dashboards that display aggregated data from other sources and some customers use it to “post election results, to promote transparency around campaign finance, or to post information on polling dates and location. Very few Tyler clients enlist the application for this use,” the company said in a Sept. 27 note on the website.
The Socrata platform is hosted on Amazon Web Services (AWS).
The Impact: Security continues to be a significant market opportunity for MSPs and other channel partners, with the market for managed security services expected to grow from $31.6 billion this year to $46.4 billion by 2025, according to a report from MarketsandMarkets. A study by ConnectWise this month found that 91% of SMBs surveyed said they would consider using or moving to a new MSP if it offered the “right” cybersecurity solution for responding to attacks and minimizing damage and loss.
A survey by Barracuda MSP found that 91% said they planned to grow the security services they offer in 2020 and 88% said demand for security services was growing moderately or significantly.
MSP security also become a market for security vendors, with companies like BullGuard, Bitdefender, Huntress Labs, and Acronis in recent months offering tools to MSPs to protect themselves as well as their clients.
Background: MSPs also are making security a focus for themselves. A survey of MSPs by Kaseya this year found that security topped the list of priorities for 2020, with more than a third of respondents saying their businesses were more prone to attack than in 2019.
In April, Cognizant sustained an attack on its internal systems by the Maze ransomware group that officials said would cost the company $50 million and $70 million. A month later, IT service company Conduent was hit by the Maze ransomware, which impacted its European operations. DXC came under attack in July.
The Buzz: “Tyler does not make election software,” officials said in a statement on the company’s website. “The Socrata open data platform is a Tyler product used to provide dashboards that display aggregated data from other sources. It is the only Tyler product that has any relation to election data and none of our Socrata data products support voting or election systems or store individual voting records.”