In today’s digitally interconnected world, businesses rely on their IT support providers to streamline and maintain their digital systems, and to defend them against a myriad of cyber threats. From ransomware and spyware to man-in-the-middle attacks and phishing scams, hackers deploy a range of sophisticated techniques and tools that require an equally sophisticated armoury of countermeasures. You may have given some thought to the cyber security capabilities of your IT support provider, but have your ever given thought to the steps they’re taking to protect their own IT systems?
When you partner with an IT support provider, your IT system becomes deeply intertwined with theirs. Their systems for monitoring and managing your digital environment grant them the ability to govern your security settings across your devices, servers and networking components, and control who and what has access to your digital realm. In the trusted hands of your IT partner, these powers are leveraged to safeguard the integrity of your IT, and keep bad actors away from your sensitive data, but what if these capabilities were commandeered by the bad actors themselves?
“Everyone has a plan until they get punched in the face” – Mike Tyson
Here at Tier 3 IT solutions, we pride ourselves on our security-first ethos, a strategy that ensures nothing is left to chance when it comes to defending our clients against cyber dangers. We help Edmonton businesses vanquish the cyber bad guys, using class-leading threat monitoring that scans both on-premises and cloud environments for the early signals of a cyber breach, so that swift, decisive action can be taken at the earliest possible stage.
This proactive, risk-based approach to security extends not only to the cyber security services we provide, but our own internal security practices and protocols. In this article, we aim to explain why this is important, and help you understand the hidden dangers in choosing an IT company that neglects its own security.
The Importance of Third-party Security – What is a Supply Chain Attack?
Your business is only as secure as the weakest link in its supply chain!
Over the years, businesses have generally become more aware of the need for robust cyber security defenses. As a result, many organizations have become harder for cybercriminals to penetrate directly. This has seen criminals turn their attention to the “soft targets” in organizational supply chains, using these as a springboard to launch cyber threat campaigns against often larger, more lucrative targets. This attack methodology is commonly referred to as a “Supply chain Attack.”
A supply chain attack, as the name implies, seeks out vulnerabilities in an organization’s supply chain, and exploits these to infiltrate the network of the target – or in many cases, multiple targets. The hacker will appropriate the trusted third-party’s hardware, software or systems, using these as an intermediary to gain access to sensitive information within the target’s network, or as a launchpad for an exploitative malware attack. The fallout from a successful supply chain attack can be severe and wide-reaching, ranging from operational disruption and revenue loss, to devastating reputational damage and the legal repercussions that often result from a data breach.
In order to avert a potentially disastrous supply chain attack, it’s vital that you incorporate security vetting in your due diligence investigations when choosing third-party suppliers and service providers. This is particularly important in the case of an IT support provider, due to the reach, oversight and governance capabilities they hold within your IT environment. Your IT provider should be able to demonstrate a commitment to security proactivity and continuous improvement, with security posture assessment exercises – such as vulnerability scans and penetration testing – carried out regularly to provide ongoing monitoring of cyber risk. They should also have a viable, tested incident response plan in place covering a range of possible breach scenarios. This is critical to ensure effective damage mitigation following a breach attempt, to ensure that barriers are in place to prevent a breach escalating into an acute threat to your business’s network.
By now you may be thinking: how can an attack on my IT support provider develop into a threat to my business? Answering this question involves understanding some of the mechanisms and threat pathways between an IT provider and their clients, that a malicious threat actor can exploit.
How Cybercriminals Use IT Companies to Launch Supply Chain Attacks
Here are just a few of the ways cybercriminals can exploit poorly defended IT providers as an attack intermediary:
Credential Compromise
By obtaining the login credentials of IT support personnel, hackers can gain unauthorized entry to client systems, uncover sensitive information and make changes to security settings in ways that work in their favour. Social engineering attacks and malware like keyloggers, are some of the methods commonly used to steal account credentials, such as remote access logins, for example.
Malware Dissemination
Hackers can intercept the systems IT support providers use to update and configure client systems. By supplanting routine, legitimate updates with malware, criminals can use such systems as a vehicle to distribute malicious programs like ransomware across a number of target networks.
Client Impersonation
Hackers may imitate clients in order to instigate bogus support requests that undermine the security of the target system. This might involve convincing support personnel to grant the hacker direct network access, or installing a malware program into the target system. This method could be carried out by email, using targeted impersonation and email spoofing techniques.
Data Interception
By compromising communication channels or intercepting information in transit, hackers can steal sensitive information, including security-critical logins, and then exploit such information to their advantage.
Software Vulnerability Exploits
Hackers often exploit security vulnerabilities in the tools IT providers use to oversee and manage their clients’ networks, including remote management and monitoring software. They employ methods like remote code execution, privilege escalation, or SQL injection to take advantage of poorly maintained software, allowing them to infiltrate and move laterally within the target network.
The Tier 3 IT Difference – Our Internal Tabletop Exercises
The unfortunate truth is that most IT companies do not test their own cyber security regularly. At Tier 3 IT, we stand out by conducting simulations and exercises for a range of threats to stress-test our network and our incident response processes against potential threats.
Not only does this enable us to refine our processes and identify vulnerabilities, it’s an invaluable opportunity for training and working together to better secure ourselves, and our clients. You can find out more about them in this piece.
Here are just some of the internal cyber security factors that we assess through penetration testing on a regular basis:
Employee Awareness and Readiness
Test exercises evaluate the security awareness of our team, and their adherence to security best practices and our cyber secure information security policies. Simulations also seek to assess employee readiness, ensuring all our staff play a productive and effective role within our organizational incident response plan.
Network Security
Testing allows us to probe for vulnerabilities in network security and infrastructure, and determine the effectiveness of firewall protocols and wireless network security measures.
Operating Systems
We’re constantly on the lookout for operating system weak points, including weak passwords and privilege escalation vulnerabilities. Automated patch management ensures updates are installed in a timely manner across all our devices, in addition to the software tools we use to serve our clients.
Cloud Security and Infrastructure
Testing ensures there are no vulnerabilities or misconfigurations in our cloud platforms, and that identity and access management protocols offer appropriate levels of protection to security critical applications and data stores.
Endpoint Security
Our simulations test the potency of endpoint threat detection and response protections, as well as the robustness of data encryption protocols.
Remote Access
Out attack simulations assess the security posture of remote access solutions, and ensure the consistent and effective application of secure authentication protocols where appropriate, such as multi-factor authentication.
Ensuring Robust Business Cyber Security
By making a concerted and sustained effort to uphold the highest standards of internal security, we are able to deliver cyber security services that our clients can place their faith in. By conducting regular incident response simulations against our own infrastructure, we’re able to continually assess our security posture, equip our team with the insights they need to remain security vigilant, and drive a process of continuous cyber security improvement across our business. We take great pride in our own cyber security measures, so we’re able to deliver impactful and secure cyber security services to businesses across Edmonton and Alberta.
Tier3 IT Solutions – Your Premier IT Support Provider in Edmonton
Looking for top-tier IT support in Edmonton, Alberta? Look no further than Tier3 IT Solutions. As the foremost IT support company in the region, we specialize in delivering tailored solutions designed to address the specific requirements of businesses in Edmonton and beyond. Our seasoned team of technicians is dedicated to providing prompt help desk support and maintaining a proactive stance towards IT management.
At Tier3 IT, we understand the importance of a robust technology infrastructure for your business. That’s why we offer a comprehensive suite of services ranging from network monitoring and cybersecurity to cloud solutions and data backup. With Tier3 IT at your side, rest assured that your technology needs are in capable hands.
Experience unmatched reliability and efficiency with Tier3 IT Solutions. Contact us today to learn more about how we can elevate your IT experience in Edmonton and propel your business forward.
