Once upon a time, hacker mischief was limited to viruses like Mars Land, which took control of DOS computers to display scrolling red terrain, or Ithaqua, which displayed snow falling on the screen every April 29.
Fast forward to the present and the cute malware of the DOS age is long gone. Today, hackers pose a much more serious threat.
For many businesses, a managed service provider (MSP) makes the difference between a secure, well-managed network and one that places them at risk of crippling attacks. That’s one good reason why MSPs are indispensable today. (For another big reason, see As Network Value Skyrockets, MSPs Become Increasingly Essential.)
That was then
The reason hackers today pose a greater threat than ever is simple: The network is the lifeline that connects everything in our modern world. Anything that disrupts the network or steals information from it will have costly consequences.
That makes networks today different from previous decades. When viruses were being written for DOS PCs, most computers weren’t connected to a network at all. Back then, if hackers compromised one computer, the damage they could cause was usually limited to that host.
Even 10 years ago, when most computers were connected to the Internet, the potential danger posed by hackers was still much smaller than it is today. Networks at the time were not as expansive, meaning an attack against one computer didn’t put so many other devices on the same network at risk. Data was also still stored locally in most cases, rather than exchanged over the network, reducing the importance of the network as a potential attack vector.
The hacker threat today
Today, however, all that has changed. When you add together all of the PCs, servers, mobile devices, and Internet of Things (IoT) endpoints on a given network, networks at a small or mid-sized business can easily consist of hundreds or thousands of hosts, while enterprise networks are larger still. If a hacker is able to compromise just one device on the network, he has a stepping-stone for attacking all the others as well.
The cloud computing revolution has also changed the seriousness of network security. At many organizations today, the most sensitive data lives on cloud servers rather than local devices. That means it’s transmitted over the network to users, increasing the risk that hackers could intercept the data while it’s in transit.
The diversity of devices on modern networks, and bring-your-own-device policies that allow employees to add their personal computers or phones to the network, complicate matters even more. Traditional anti-virus and network intrusion systems don’t work as well when the types of devices and software environments they need to inspect vary much more widely than they did when most networks consisted mostly of servers and workstations.
Financial damages are just the beginning
Just how much havoc can hackers wreak on modern networks? To understand the issue in monetary terms, consider these staggering statistics from a report by Cybersecurity Ventures:
- Cybercrime costs from fraud, lost productivity, theft and other damages in 2015 totaled $3 trillion—more than the gross domestic product of France.
- Cybercrime costs are projected to climb to $6 trillion annually by 2021.
Other statistics worth noting include:
- The average company in the U.S. loses $15 million per year to cybercrime.
- Hackers offer their services for hire for as little as $100. That makes it trivially easy for a malicious party to target an organization’s network with an attack that could cost much, much more than the price of hiring a hacker.
This is war
The danger posed by hackers isn’t limited to financial damages. In an age when the network controls everything, hackers who attack the network can cause crippling harm to public health, government services, and more.
Just last week, the US Computer Emergency Readiness Team issued an alert about the increasing threat to network infrastructure devices. “There has never been a greater need to improve network infrastructure security,” cautions the report.
“Cybercriminals are launching missives against a global attack surface comprised of the world’s people, households, companies, governments, police, hospitals, schools, banks, power grids, utilities, data centers, servers, networks, PCs, laptops, tablets, and smartphones,” writes Cybersecurity Ventures.
The threat will only grow greater, the group adds, as the expansion of the IoT increases the number of devices that hackers might attack to take physical control of homes, offices, and public services.
This danger is why MSPAlliance, at the start of 2016, identified critical infrastructure, such as water treatment facilities and power plants, as one of the new areas that MSPs can assume a key role in helping to keep secure.
The MSPAlliance also predicted MSPs will be called on to help fight the global war on terror, as governments pass laws requiring MSPs to assist in efforts to combat terrorist activities related to the network.
The MSP’s role in stopping hackers
When networks run the world, and you run the networks, you shoulder a huge responsibility. As an MSP, you are a main line of defense against hacker threats. To fulfill your mission, ensure the networks you oversee are locked down and hardened against attack as much as possible.
Explaining how to secure a network would require a much longer article than this. But briefly, the following principles help keep networks secure:
- Maintain visibility. Being able to map a network and monitor device status constantly is crucial for finding and identifying threats.
- Control access. Granular access control configurations mitigate the risk of users gaining access to devices they shouldn’t control.
- Leverage the cloud. The cloud provides a central management hub for monitoring the network. It also separates the network from the management infrastructure, so that if the network itself is attacked, the network management platform is still secure.
- Be agile. You can no longer count on controlling which devices join the network or on establishing firm network perimeters. As a result, you need to deploy network management solutions that can scale and adapt easily to meet the ever-changing needs of a client’s network.
- Partner with the right people. If you lack the in-house security expertise to thwart hackers, take advantage of channel partnerships, like the one Joe Panettieri describes here, to boost your ability to protect client networks.
By delivering a secure network, you’re not only providing the best service to your clients, you’re also helping to stop the hackerpocalpyse and save the world.