DragonForce Ransomware: MSPs Under Attack! (EP 831)
DragonForce’s latest ransomware attack on an MSP using SimpleHelp RMM exposes the urgent need for better patch management, zero trust, and a rethink of persistent remote access. Dave Sobel joins Uncle Marv to break down what went wrong, the evolving threat landscape, and why MSPs must adapt their security playbooks now.
This episode dives deep into the recent DragonForce ransomware attack that targeted an MSP using the SimpleHelp RMM tool, compromising both the provider and its clients. Uncle Marv is joined by Dave Sobel, host of MSP Radio and The Business of Tech podcast, to analyze what went wrong and how MSPs can avoid similar fates. The conversation covers the critical importance of patching known vulnerabilities, the risks of on-premises RMM tools, and the shift toward cloud-based solutions for reducing attack surfaces.
Dave Sobel highlights the aggressive tactics of DragonForce, their ransomware-as-a-service business model, and why attackers are increasingly exploiting RMM tools. The episode also explores the concept of zero trust, the need for managed detection and response, and the legal risks MSPs face when failing to meet modern security standards. Listeners will walk away with actionable insights on improving cyber hygiene, rethinking persistent remote access, and evolving their security frameworks to keep up with today’s threats.
=== Companies, Products, and Books Mentioned
- MSP Radio / The Business of Tech Podcast: https://www.businessof.tech
- SimpleHelp (RMM): https://simple-help.com
- Datto RMM: https://www.datto.com/products/rmm
- N-Able (formerly SolarWinds MSP): https://www.n-able.com
- AnyDesk: https://anydesk.com
- Atera: https://www.atera.com
- MeshAgent: https://meshcentral.com/meshagent.html
- NetSupport Manager: https://www.netsupportmanager.com
- QuickAssist (Microsoft): https://support.microsoft.com/en-us/windows/quick-assist
- ScreenConnect (now ConnectWise Control): https://www.connectwise.com/software/control
- Splashtop: https://www.splashtop.com
- TeamViewer: https://www.teamviewer.com
- Sophos: https://www.sophos.com
- CrowdStrike: https://www.crowdstrike.com
- Proofpoint: https://www.proofpoint.com
- Microsoft: https://www.microsoft.com
=== MUSIC LICENSE CERTIFICATE
- Licensee: Marvin Bee
- Registered Project Name: IT Business Podcast
- Item Title: Upbeat & Fun Sports Rock Logo
- Item URL: https://elements.envato.com/upbeat-fun-sports-rock-logo-CSR3UET
- Author Username: AlexanderRufire
- License Date: January 1st, 2024
- Item License Code: 7X9F52DNML
=== Show Information
- Website: https://www.itbusinesspodcast.com/
- Host: Marvin Bee
- Uncle Marv’s Amazon Store: https://amzn.to/3EiyKoZ
- Become a monthly supporter: https://ko-fi.com/itbusinesspodcast
