ST. LOUIS (KMOX) - Companies that provide IT services are the latest target of hackers.
Which means if your managed information technology provider (MSP) is breached, your company could be at risk.
Jonathan Tock, Director of Security Operations, for Cyber Security firm SpearTip says hackers appear to be targetting remote log-ins. Sometimes they use what are called "brute force attacks" - trying a series of passwords until they get into your system.
"The other option is they'll go to a breach that's already occurred," says Tock, giving the example of the LinkedIn breach, "they'll go to that LinkedIn breach and they'll find a password that you used in the past and they'll see if you're still using that for some of those connections."
Tock says he's also seen hackers gain access through an MSP's email.
"The bad guy gets in and then they can say 'Hey, I want to look at that computer we've been having trouble with, can you give me access to that computer?' The typical company will say, 'Oh yes, this is my MSP, no problem, here's access to my computer.' And then they wage an entire attack from there."
He say most often the attacks come in the form of ransomware, either to get you to pay up, or to erase their tracks.
Tock says the best protection is to have multi-step verification for any system access that includes a physical element, such as a card or USB key.