News

Just two years after its launch, the Joint Cyber Defense Collective (JCDC) has released its first guidance document, providing a roadmap to enhance the security of remote monitoring and management (RMM) systems in critical infrastructure. RMM tools are used by managed service providers (MSPs) to access critical infrastructure systems remotely. However, threat actors have been targeting RMM tools as an entry point to infiltrate organizations.

The JCDC’s RMM Cyber Defense Plan aims to address this issue by improving education, awareness, and vulnerability management of RMM software. By doing so, the risk of threat actors successfully exploiting these tools can be minimized. Melissa Bischoping, Director of Endpoint Security Research at Tanium, highlights that RMM tools are popular among attackers due to their ability to operate without triggering common detection systems and their high-level permissions on controlled devices.

One example of a legitimate RMM tool that can be misused is TeamViewer, which has over 200 million users. John Gallagher, Vice President of Viakoo Labs, warns about the devastating consequences when the security of such tools is breached, enabling threat actors to operate within a company’s computer infrastructure. In fact, in 2021, a threat actor manipulated the chemicals used to treat Florida’s water supply by gaining control over TeamViewer.

The RMM Cyber Defense Plan encourages collaboration among operators, sharing threat and vulnerability information, establishing an RMM operational community, educating users, and amplifying threat alerts and advisories. This initiative is particularly valuable for MSPs, many of whom are relatively new to the security space. Teresa Rothaar, a governance, risk, and compliance analyst at Keeper Security, emphasizes that this collaboration will help MSPs improve their own operations and assist their customers with secure operations.

Roger Grimes, from KnowBe4, acknowledges the historical vulnerabilities associated with remote management systems and expresses hope that the JCDC’s efforts will yield positive results.

The post JCDC Releases Roadmap to Strengthen RMM Systems in Critical Infrastructure appeared first on satProviders.