Cyber Attack Disables MSP NetStandart Services

The US MSP provider (Managed Services Provider) NetStandard was hit by a cyberattack, as a result of which the company closed its MyAppsAnywhere cloud services, which include Dynamics GP, Exchange, Sharepoint and CRM services.

Let me remind you that we recently reported that IIS Extensions Are Increasingly Being Used as Exchange Backdoors, and also that the Number of unique cyberattacks decreased for the first time in several years.

NetStandard hired its insurance company, which provided security experts to help identify the source of the attack and bring systems back online. According to NetStandart, only MyAppsAnywhere services are affected, but the attack had a wider impact because the company’s main site is also down.

Since NetStandard does not provide any details, it is not clear what type of attack occurred. However, cybersecurity researchers believe it was a ransomware attack.

Huntress Lab CEO Kyle Hanslovan took to Twitter on July 26 to share a discovered post on a hacker forum in which an attacker was looking for partners to launch an attack on a managed service provider. According to a user posting on the Russian-language forum Exploit, he has access to an MSP vendor panel that manages over 50 companies, 100 VMware ESXi servers, and over 1,000 servers.

However, it is not yet clear whether this message is related to an attack on NetStandard or it is just a coincidence.