{"id":12661,"date":"2025-10-08T10:04:49","date_gmt":"2025-10-08T09:04:49","guid":{"rendered":"https:\/\/mspglobal.com\/blog\/?p=12661"},"modified":"2025-10-08T10:06:13","modified_gmt":"2025-10-08T09:06:13","slug":"cyberattacks-on-msps-2025-acronis-report","status":"publish","type":"post","link":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/","title":{"rendered":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond"},"content":{"rendered":"\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"MSPs are under attack\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/4j9Ewqsk3Fg?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>Cybercriminals are targeting MSPs with new and increasingly complex phishing attacks. That\u2019s just one headline from the latest <em><a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Acronis Cyberthreats Report<\/a><\/em> which analyses the global threat landscape for MSPs and their clients.<\/p>\n\n\n\n<p>Compiled by the Acronis Threat Research Unit (TRU) and based on data from over one million endpoints worldwide, the report tracks malware, ransomware, web and email attacks, and key vulnerabilities. Data is from the first half of 2025.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-vimeo wp-block-embed-vimeo wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Acronis H1 2025 TRU Cyberthreats Report\" src=\"https:\/\/player.vimeo.com\/video\/1125176168?dnt=1&amp;app_id=122963\" width=\"500\" height=\"281\" frameborder=\"0\" allow=\"autoplay; fullscreen; picture-in-picture; clipboard-write; encrypted-media; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\"><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>We\u2019ve pulled out a few of the highlights, or download the full report<a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\"> here<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-leading-access-vectors-msps-telcos-and-isps\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Leading access vectors (MSPs, Telcos and ISPs)<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508185-1024x576.jpg\" alt=\"\" class=\"wp-image-12665\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508185-1024x576.jpg 1024w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508185-768x432.jpg 768w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508185-1536x864.jpg 1536w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508185.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Attack vectors are evolving in response to improved defences, but humans often remain the weakest link, with AI enabling more sophisticated forms of deception.<\/p>\n\n\n\n<p><strong>Phishing: 52%<\/strong><br>MSPs are frequent targets of phishing emails posing as clients or partners. In fact, phishing accounted for 52% of all attacks, up from 30% last year. These scams steal credentials or deliver malware via fake MFA prompts or malicious attachments. In one case, attackers used a phishing email to capture an admin\u2019s RMM credentials, unlocking access to multiple client environments.<\/p>\n\n\n\n<p><strong>Unpatched vulnerabilities: 27%<\/strong><br>Known flaws in MSP tools, such as RMM platforms or VPNs, remain a prime entry point and have increased slightly from 23%. Attackers have exploited Atlassian Jira vulnerabilities, including remote code execution and authentication bypass, to gain initial access. Once inside, they deployed infostealers to harvest credentials and tokens for deeper lateral movement.<\/p>\n\n\n\n<p><strong>Valid account abuse \/ credential theft: 15%<\/strong><br>Stolen admin credentials, tokens, and reused passwords give attackers near-invisible access. By logging in directly, they bypass MFA and enter Cloud dashboards or RMM systems undetected. One hijacked Microsoft 365 session token enabled attackers to silently control multiple client tenants. This vector has experienced a small increase over the last 12 months.<\/p>\n\n\n\n<p><strong>Remote Desktop Protocol (RDP): 3%<br><\/strong>Exposed or misconfigured RDP services provide another route in\u2014but one that has dropped dramatically from 24% to 3%. Attackers brute-force credentials or exploit trusted MSP IPs to gain access. In one breach, an attacker entered a vulnerable MSP backup server via RDP, then pivoted into both internal and client systems.<\/p>\n\n\n\n<p><strong>Trusted relationship exploitation 2%<br><\/strong>Compromising an MSP opens doors to client systems through VPNs or remote tools. Attackers may impersonate the MSP, pushing malicious updates or fraudulent support instructions. In one attack, ransomware was distributed as a routine update through the MSP\u2019s RMM console. This attack vector has dropped from 6% to 2% in the last year, showing the effectiveness of proactive defense.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-software-vulnerabilities\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Software vulnerabilities<\/h2>\n\n\n\n<p>The report also highlights three vulnerabilities in third-party software products that have been exploited in MSP-related attacks.<\/p>\n\n\n\n<p><strong>Cleo file transfer tool (CVE-2024-50623 &amp; CVE-2024-55956)<\/strong><br>Though first disclosed in 2024, these flaws are still being exploited in 2025. The vulnerabilities in Cleo\u2019s file transfer tool let attackers bypass authentication or gain unauthorized access. The Cl0p ransomware group has leveraged them to breach multiple organizations, including financial institutions. For MSPs relying on such tools, the risk extends deep into the supply chain.<\/p>\n\n\n\n<p><strong>Cisco vulnerabilities (e.g.: CVE-2023-20198 &amp; CVE-2023-20273)<\/strong><br>Unpatched Cisco IOS XE devices continue to expose telecom networks to attack. Salt Typhoon, a China-linked APT group, and others have exploited these 2023 vulnerabilities, which impact core networking infrastructure. Attackers can intercept call and text metadata \u2014 and potentially use compromised devices as a launchpad into wider systems.<\/p>\n\n\n\n<p><strong>SimpleHelp RMM (CVE-2024-57726, CVE-2024-57727, CVE-2024-57728)<\/strong><br>On June 4, 2025, CISA, the FBI, and other federal agencies issued a #StopRansomware advisory on active exploitation of SimpleHelp RMM flaws. Ransomware groups, including Play-linked initial access brokers, exploited CVE-2024-57727 to gain remote access and execute malicious commands. Compromised servers were then used to deploy ransomware and exfiltrate data using backdoors such as Sliver, affecting multiple U.S. organizations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-most-used-mitre-techniques\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Most used MITRE techniques<\/h2>\n\n\n\n<p>The report addresses the adversary tactics and techniques named in the MITRE ATT&amp;CK framework, with practical advice on mitigating and defending against named techniques, including Process Injection and PowerShell.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508188-1024x576.jpg\" alt=\"\" class=\"wp-image-12664\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508188-1024x576.jpg 1024w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508188-768x432.jpg 768w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508188-1536x864.jpg 1536w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Graphics_Acronis_Cyberthreats_H1_2025_Report_2508188.jpg 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading has-large-font-size cfs-article-heading\" id=\"h-ai-is-driving-increasingly-sophisticated-attacks\" style=\"font-style:normal;font-weight:600;line-height:1.3\">AI is driving increasingly sophisticated attacks<\/h2>\n\n\n\n<p>&nbsp;\u201cWhile the endgame for cybercriminals is still ransomware, how they get there is changing,\u201d said Gerald Beuchelt, CISO at Acronis.<\/p>\n\n\n\n<p>\u201cEven the least sophisticated attackers today have access to advanced AI capabilities, generating social engineering attacks and automating their activities with minimal effort.<\/p>\n\n\n\n<p>\u201cThe result is that MSPs, manufacturers, ISPs, and others are constantly exposed to sophisticated attacks, including increasingly advanced deepfakes, and all it takes is one mistake to put the organizations\u2019 entire future at risk.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size cfs-article-inner-heading\" id=\"h-download-the-report\" style=\"font-style:normal;font-weight:600;line-height:1.3\">Download the report <\/h3>\n\n\n\n<p><a href=\"https:\/\/www.acronis.com\/en\/resource-center\/resource\/acronis-cyberthreats-report-h1-2025\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Read the full report now<\/a> for in-depth data and analysis\u2014or check out the highlights video below.<\/p>\n\n\n\n<p>And don&#8217;t forget to join Acronis at\u00a0MSP GLOBAL\u00a0where their experts will be sharing more insights and practical advice, including\u00a0DEEPFAKE LIVE\u00a0with Gerald Beuchelt, Acronis CISO, and Oleg Ishanov, Director, Threat Research.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybercriminals are targeting MSPs with new and increasingly complex phishing attacks. That\u2019s just one headline from the latest Acronis Cyberthreats Report which analyses the global threat landscape for MSPs and their clients. Compiled by the Acronis Threat Research Unit (TRU) and based on data from over one million endpoints worldwide, the report tracks malware, ransomware, [&hellip;]<\/p>\n","protected":false},"author":30,"featured_media":12668,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1513],"tags":[],"class_list":["post-12661","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-guides"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Cyberattacks on MSPs in 2025: what\u2019s new and how to respond<\/title>\n<meta name=\"description\" content=\"Phishing and AI-driven attacks on MSPs are rising fast in 2025. Discover the latest trends in the Acronis TRU report.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond\" \/>\n<meta property=\"og:description\" content=\"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-08T09:04:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-08T09:06:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs-1024x683.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"683\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Miles Kendall\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Miles Kendall\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/\"},\"author\":{\"name\":\"Miles Kendall\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/3e9bed029b316efa7a58f3f21d3c2845\"},\"headline\":\"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond\",\"datePublished\":\"2025-10-08T09:04:49+00:00\",\"dateModified\":\"2025-10-08T09:06:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/\"},\"wordCount\":802,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png\",\"articleSection\":[\"Guides\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/\",\"name\":\"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png\",\"datePublished\":\"2025-10-08T09:04:49+00:00\",\"dateModified\":\"2025-10-08T09:06:13+00:00\",\"description\":\"Phishing and AI-driven attacks on MSPs are rising fast in 2025. Discover the latest trends in the Acronis TRU report.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png\",\"width\":2121,\"height\":1414,\"caption\":\"Cybercriminal seen from behind\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/cyberattacks-on-msps-2025-acronis-report\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Guides\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/guides\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/3e9bed029b316efa7a58f3f21d3c2845\",\"name\":\"Miles Kendall\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/miles-kendall-96x96.jpeg\",\"caption\":\"Miles Kendall\"},\"description\":\"Miles is a highly experienced communications and technology expert, with a track record of delivering high performing content for a range of B2B clients across a variety of sectors. As part of the senior writing team at CloudFest he\u2019s responsible for highlighting key trends, teasing out thought leadership and delivering original insight \u2013 utilizing his background in journalism and content strategy.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/miles-kendall\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond","description":"Phishing and AI-driven attacks on MSPs are rising fast in 2025. Discover the latest trends in the Acronis TRU report.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/","og_locale":"en_US","og_type":"article","og_title":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond","og_description":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond","og_url":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-10-08T09:04:49+00:00","article_modified_time":"2025-10-08T09:06:13+00:00","og_image":[{"width":1024,"height":683,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs-1024x683.png","type":"image\/png"}],"author":"Miles Kendall","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Miles Kendall","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/"},"author":{"name":"Miles Kendall","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/3e9bed029b316efa7a58f3f21d3c2845"},"headline":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond","datePublished":"2025-10-08T09:04:49+00:00","dateModified":"2025-10-08T09:06:13+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/"},"wordCount":802,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png","articleSection":["Guides"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/","url":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/","name":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png","datePublished":"2025-10-08T09:04:49+00:00","dateModified":"2025-10-08T09:06:13+00:00","description":"Phishing and AI-driven attacks on MSPs are rising fast in 2025. Discover the latest trends in the Acronis TRU report.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/Cyberthreats-Acronis-TRU-Report-for-MSPs.png","width":2121,"height":1414,"caption":"Cybercriminal seen from behind"},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/cyberattacks-on-msps-2025-acronis-report\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Guides","item":"https:\/\/mspglobal.com\/blog\/category\/guides\/"},{"@type":"ListItem","position":3,"name":"Cyberattacks on MSPs in 2025: what\u2019s new and how to respond"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/3e9bed029b316efa7a58f3f21d3c2845","name":"Miles Kendall","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/miles-kendall-96x96.jpeg","caption":"Miles Kendall"},"description":"Miles is a highly experienced communications and technology expert, with a track record of delivering high performing content for a range of B2B clients across a variety of sectors. As part of the senior writing team at CloudFest he\u2019s responsible for highlighting key trends, teasing out thought leadership and delivering original insight \u2013 utilizing his background in journalism and content strategy.","url":"https:\/\/mspglobal.com\/blog\/author\/miles-kendall\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12661","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/30"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12661"}],"version-history":[{"count":5,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12661\/revisions"}],"predecessor-version":[{"id":12672,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12661\/revisions\/12672"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12668"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}