The hackers that orchestrated the Wipro security breach disclosed last week allegedly hit a number of other solution providers as well, including Avanade and Capgemini, but for small and midsize MSPs, the real worry is a report that bad actors used a ConnectWise tool to help spread the attack.
ConnectWise Chief Product Officer Jeff Bishop told CRN last week that it appears that hackers found a way to legitimately use the tool. He added that Wipro is not a ConnectWise customer. Bishop’s comments came after KrebsOnSecurity reported that the vendor investigating the incident had thus far found that more than 100 Wipro endpoints were seeded with ConnectWise Control (formerly ScreenConnect), a remote support and remote access tool.
MSPs told CRN that if the tools they use to manage their customers’ networks are not secure, then it doesn’t matter how much they invest in security. While the details of the Wipro security breach and preciscely how ConnectWise technology was used to spread the attack are still emerging, MSPs said the prospect of IT service management tools playing a role in such an attack is chilling.
In response to this concern, ConnectWise CEO Jason Magee…
