Managed service providers (MSPs) have become the target of attacks, as lack of aggressive security posturing has left themand the high-value data of their clientsvulnerable. With security best practices gaining slow adoption across enterprise organizations, MSPs have gradually become subject to threats. APT groups are most commonly known for using zero-day vulnerabilities or other attacks requiring high resources and institutional support. But like other less sophisticated threat groups, they are under no obligation to continue doing what they do.”]
Source: https://blog.malwarebytes.com/business-2/2019/10/securing-the-managed-service-provider-msp/