
What happens when the company responsible for protecting everyone else becomes the one that gets hacked? Spoiler alert: it’s not just their problem. This episode dives into the uncomfortable reality that when an IT provider gets hit, the ripple effects can slam into hundreds, or even thousands, of businesses at once. From ransomware evolution to insider threats to the ever-growing AI wildcard, this conversation pulls back the curtain on why cybersecurity isn’t just an IT issue… it’s everyone’s issue.
In this episode:
When One IT Provider Gets Hit, Everyone Feels IT – Ep 547
Today’s episode is brought to you by Kardon and HIPAA for MSPs with Security First IT.
[00:46] 2025 MSP Threat Report | ConnectWise
This report is purpose-built to give MSPs a deeper understanding of the threat landscape as it stood throughout 2024. It offers actionable cybersecurity insights from the ConnectWise Cyber Research Unit™ (CRU) to help MSPs enhance protection for SMBs and better prioritize time, effort, and investments.
The report states that “Cybersecurity threats evolve rapidly, and MSPs are increasingly in the crosshairs of attackers targeting the IT ecosystem.”
Why does that matter? Because MSPs often control thousands of endpoints for their clients — meaning one breach can touch many businesses at once (even if those businesses don’t talk about MSPs every day).
[15:54] MSPs as Targets — The Shared Access Risk
Key point:
Attackers are choosing MSPs as gateways — not just individual customers.
“Instead of risking the attention of attacking large entities, threat actors use MSPs — who may have fewer cybersecurity resources — as a gateway to attack all their small and midsized (SMB) customers.”
That’s the master-key analogy in report language — MSPs are a centralized point attackers can exploit.
What MSPs Are Worried About
“According to the report ‘The State of SMB Cybersecurity in 2024,’ about 78% of MSPs surveyed said they were worried that a serious attack could put them out of business.”
[20:14] Ransomware’s Evolving Playbook
Trend: Attackers aren’t just encrypting anymore — they’re extorting.
Report covers:
“While encryption remains a staple tactic, 2024 saw the growth of data extortion as a standalone strategy. Groups such as RansomHub have embraced this model, stealing sensitive data without deploying ransomware payloads.”
New Players and Persistence
Report highlights:
“The void left by Lockbit’s disruption created an opportunity for new and lesser-known groups to emerge.”
Plus groups that “rely on stealth to establish long-term access” and “conduct extensive reconnaissance” before striking.
Attackers aren’t just crashing in — they’re patient and strategic now.
Drive-By Compromises Still Going Strong
The report also covers the continuing threat of drive-by attacks on SMBs, showing that attackers still use low-tech but effective methods.
Not all attacks are headline-grabbing malware. Sometimes it’s a vulnerability that any one of us could have stopped with good patching.
[33:27] What MSPs (and Their Clients) Can Do
The report repeatedly emphasizes proactive defenses like:
- Continuous monitoring
- Patch and vulnerability management
- Layered tools beyond endpoint detection
- Educating clients about threats
OK, so what do we do about AI?
Of course, all of this gets more complicated when you add in that one question. It is the question everyone must be answering today: not just your MSP, but each of us must take care of our own organization.
At the end of the day, cybersecurity isn’t about panic – it’s about preparation. Whether you’re an MSP guarding the master keys or a business trusting someone else to hold them, the risks are real and constantly evolving. The threats aren’t just flashy ransomware headlines anymore – they’re quiet data grabs, insider risks, unpatched systems, and AI-powered curveballs. The goal isn’t to lose sleep. It’s to stay sharp, stay proactive, and remember that “set it and forget it” has never been a cybersecurity strategy.
HIPAA is not about compliance, it’s about patient care.™


