There’s a dark side to using remote control software for remote access. Dark Cubed CEO Vince Crisler says although these solutions give managed services providers (MSPs) the ability to work more efficiently and provide a higher level of customer support, they can put you and your clients at risk.
“Unfortunately, they function like the software a hacker would use, they enable administrative privileges, run scripts, and take screenshots,” Crisler says. “If you go on the dark web and buy a remote access tool, it would be similar to the one you’re using.”
An Attractive Target
Your remote control software can be the key to a bigger score for a hacker. “They’re in it to make money,” Crisler explains. “Instead of targeting one business, they can compromise one MSP and put ransomware on 100 accounts. They’re trying to be as efficient as they can, too.”
Crisler, a member of the CompTIA IT Security Council, says this is a constant discussion among the MSPs in the organization as well as the MSPs who work with Dark Cubed.
“The basics of the changing threat environment have MSPs very aware of the risks,” he says.
Protecting Your Business from Risks
Hackers can use several methods to gain access to your remote control software. Crisler says some tools have vulnerabilities that hackers can exploit. Sometimes, however, the fault lies with the MSP. Your staff may also fall prey to phishing and reveal login information. If you’re using easy passwords, a hacker could use brute force to find a way into your systems. Worse, if you’re using the same password for each of your clients, the hacker is suddenly free to steal data or upload code to all of those accounts.
“MSPs know better, but they may be doing things they shouldn’t be doing,” Crisler says. “If they’re not constantly in fear or risks, they may be taking shortcuts to save time throughout the day, thinking, ‘What’s the harm in using the same password for 20 accounts?’”
One important measure to protect remote control software is using two-factor authentication. This feature requires a second method of authentication, such as sending a text verification code, for the user to access the system. “If you’re using a remote access tool that doesn’t support two-factor authentication, get rid of it,” he says.
Remote Control Software Challenges
One of the biggest hurdles to keeping your remote control software tools safe is visibility. Research for Dark Cubed’s Attacking the Gatekeepers report found evidence of extensive scanning for remote access tools connected to the internet. Monitoring systems and collecting log files will show unusual activity, but Crisler concedes, it can be a time-consuming process. Furthermore, as the report explains, “friendly fire” can make the process harder. Scanning performed by internet researchers, analytics firms, security ratings providers, and other legitimate organizations can create noise that you need to differentiate from malicious activity. Budget-strapped MSPs may be using free solutions that aren’t effective at filtering out that activity.
“You may get pulled down into a quagmire that you think is more work than it’s worth,” Crisler says. “But if you aren’t monitoring your networks, hackers don’t have to try to hide. MSPs need to be vigilant and monitor what’s exposed and stay informed of what to watch for.”
Crisler points out that in coming years, you won’t have a choice about securing and monitoring remote access solutions. New regulations will force the issue. For example, if any of your customers are government contractors, you’ll be required to comply with the Cybersecurity Maturity Model Certification (CMMC) initiative.
You can take the first step today, though, and it’s a simple one. “I can’t overemphasize the importance of two-factor authentication. If you asked me my top five recommendations, I’d say two-factor authentication five times,” Crisler says. “You hold the key to all of your customers’ networks. It doesn’t solve everything, but it makes it harder for the attacker. Encourage your customers to employ it as well.”