The CyberCall

Hackers leak configs and VPN credentials for 15,000 FortiGate devices

01/20/2025
The cybersecurity landscape continues to evolve, and for Managed Service Providers (MSPs), the latest battleground is clear: edge devices. In a recent Cyber Call featuring experts from Blackpoint Cyber, the conversation focused on a surge in attacks against firewalls, VPNs, and internet-facing devices—components that form the first line of defense for most clients.

The issue isn’t new, but it’s escalating. Threat actors are repeatedly exploiting known and zero-day vulnerabilities in devices like FortiGate, SonicWall, and others. These attacks are increasingly successful due to outdated software, poor configurations, and a general lack of consistent patching. The shift to remote work, coupled with increased reliance on VPNs, has only widened the attack surface.

Worse still, the release of data dumps containing firewall configs, VPN credentials, and management certificates gives attackers a fast-track to breach networks. As the panel noted, this provides attackers with a “pre-escalation” advantage, giving them immediate insight into internal networks and credentials—no need for initial brute-force tactics.

So what can MSPs do to respond? First, assume breach. This mindset shift encourages active monitoring, anomaly detection, and stricter controls. Audit and review client edge configurations regularly, looking for weak settings, insecure access methods, and default credentials. Harden remote access—consider VPN jump boxes, enforce MFA, and limit administrative access. Always push for prompt patching and verify that firmware is current across all client devices.

Implement network segmentation to limit lateral movement in the event of a breach, and revisit your vendor stack. If a vendor repeatedly fails to respond to vulnerabilities, it may be time to look elsewhere. Additionally, educate your clients—make sure they understand the risks and their role in protecting the business.

Looking ahead, artificial intelligence will only accelerate the threat landscape. While defenders are leveraging AI for better detection and response, attackers are doing the same to automate reconnaissance, payload delivery, and lateral movement. This arms race requires MSPs to stay informed and invest in modern, adaptive security strategies.

The bottom line? The edge is no longer just a point of connection—it’s now a primary attack vector. MSPs that act now to strengthen edge security, train their clients, and select the right tools will be far better prepared to defend their networks in 2024 and beyond.
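One way to script the edge-configuration audit recommended above, as an added example that is not part of the original article or any vendor tool: a simplified parser for FortiOS-style `config`/`edit`/`set` text that flags management protocols on a WAN interface and admin accounts without trusted-host limits or two-factor. The sample config is constructed, the three checks are assumed policy choices, and nested `config` blocks are not handled.

```python
# Constructed FortiOS-style excerpt for illustration; not from any real device.
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set role wan
        set allowaccess ping https ssh http
    next
    edit "internal"
        set role lan
        set allowaccess ping https ssh
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
    edit "msp-ops"
        set trusthost1 203.0.113.10 255.255.255.255
        set two-factor fortitoken
    next
end
"""

def parse_sections(text):
    """Parse flat blocks into {section: {entry: {key: value}}}; next/end need no handling."""
    out, section, entry = {}, None, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("config "):
            section, entry = out.setdefault(line[7:], {}), None
        elif line.startswith("edit ") and section is not None:
            entry = section.setdefault(line[5:].strip('"'), {})
        elif line.startswith("set ") and entry is not None:
            key, _, value = line[4:].partition(" ")
            entry[key] = value
    return out

def audit(text):
    """Return findings for the assumed checks: WAN management exposure, admin lockdown."""
    cfg, findings = parse_sections(text), []
    for name, s in cfg.get("system interface", {}).items():
        mgmt = sorted(set(s.get("allowaccess", "").split()) & {"http", "https", "ssh", "telnet"})
        if s.get("role") == "wan" and mgmt:
            findings.append(f"interface {name}: management access on WAN ({', '.join(mgmt)})")
    for name, s in cfg.get("system admin", {}).items():
        if not any(k.startswith("trusthost") for k in s):
            findings.append(f"admin {name}: no trusted-host restriction")
        if s.get("two-factor", "disable") == "disable":
            findings.append(f"admin {name}: two-factor authentication not enabled")
    return findings
```

Calling `audit()` on a client's exported configuration text returns a list of findings that can be tracked per device between reviews.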
Andrew Morgan