WatchGuard highlights critical MSP security services for 2021

Expect an uptick in spear phishing attacks, thanks to automation

Spear phishing is one of the most common methods cybercriminals use to successfully breach organizations. WatchGuard Technologies said hackers have begun to incorporate automation into their spear phishing efforts, allowing them to increase volume of emails they can send. As a result, WatchGuard predicts MSPs and their clients to see significant increase in spear phishing attacks in 2021.

Corey Nachreiner

Nachreiner suggested organizations implement a spear phishing protection strategy or strengthen it if they have one already. However, regardless of whether strong protection measures are in place, some spear phishing attempts will inevitably find their way into employees' inboxes.

To combat this, Nachreiner recommended that MSPs implement DNS filtering products, as well as advanced malware protection offerings that "can strip the sophisticated and evasive malware files or documents typically attached to spear phishing emails."

More importantly, he stresses the importance of, "mak[ing] sure your customers have implemented security awareness training for their employees. In fact, security training is a great additional service MSPs can offer."

Hackers will aim to worm their way into corporate networks

With the sudden increase of remote workforces in 2020, hackers have turned to exploit the potential backdoors of VPNs, according to WatchGuard. The company predicts hackers will use worm functionality modules in their malware to move from device to device on a network. As a result, they will seek to infect vulnerable laptops and devices on home networks as a means for breaking into corporate networks.

"In the age of remote work, it's critical to go beyond general antivirus solutions to offer a full EPP [endpoint protection platform] suite and consider adopting MDR [managed detection and response] services," Nachreiner advised. Endpoint protection platforms aim to protect clients' employees' home-based computers, while MDR services can monitor home-based machines.

He added that MSP security services should ensure VPN offerings include an endpoint health assessment that can check home-connected devices before the VPN connects. Thus, "worms preying on home-connected devices to target corporate networks will have more difficulty infecting the computer in the first place and won't be able to make a VPN connection," he said.

Security training is a great additional service MSPs can offer.

Lack of MFA will become an even greater problem

Few SMBs today have fully implemented a multifactor authentication (MFA) system across their organizations, Nachreiner said. Companies continue to resist MFA due in part to the fact that the old-school MFA products were, as Nachreiner stated, "a pain in the neck."

However, modern MFA solutions have become much more "streamlined and cost-effective," he said. "Now there are entirely cloud-based options, with no local server install requirements. ... Push notification technology on employees' existing mobile phones makes the second factor just a quick button press away."

Nachreiner recommended that MSPs evaluate MFA offerings that focus specifically on minimizing the high-friction experiences associated with older MFA systems. He emphasized that "every MSP should also be using MFA themselves, which they can quickly leverage for customer demonstrations. Seeing is believing. When clients see how easy the MFA process has become, it helps convince them to consider the solution themselves."