Remote Monitoring Tool Abuse Surges, Microsoft Copilot Control Failures, and AI’s Channel Impact

Cybercrime’s escalation has reached a projected $12.2 trillion annual impact by 2031, with a notable surge in remote monitoring and management (RMM) tool abuse—up 277% year-over-year, according to Huntress and supporting vendor reports. Attackers utilize legitimate IT tools to facilitate stealthier ransomware and phishing campaigns, amplifying structural vulnerabilities within MSP technology stacks. Key metrics from Acronis, WatchGuard, and Vectra AI indicate a shift to smaller, more evasive malware campaigns, longer times to ransomware deployment (averaging 20 hours), and widespread unaddressed security alerts, raising questions about the adequacy of current defenses and incident response practices.

Vendor-supplied threat intelligence further shows that MSPs’ reliance on signature-based platforms and insufficient visibility leaves them exposed to evolving attack techniques. Data reviewed suggests phishing footholds can quickly compromise cross-client environments, and legal ramifications heavily fall on the service provider when RMM or monitoring tools act as entry points. Notably, only about 58-60% of organizations report full visibility across their systems, with a majority of alerts remaining unaddressed, underscoring gaps in operational maturity and preparedness.

Adjacent coverage highlighted Microsoft Copilot’s repeated security control failures within regulated environments, specifically its inability to enforce sensitivity labels and boundaries across emails—most recently affecting the UK’s National Health Service. The lack of vendor-announced architectural changes calls into question the viability of deploying AI tools in compliance-driven contexts. Separately, political and public backlash against surveillance technologies (such as Flock cameras) demonstrates that unchecked data collection is no longer a manageable passive risk, as data becomes increasingly actionable and retains liability beyond technical considerations.

The practical takeaway for MSPs and IT leaders is a need to prioritize audit, documentation, and enforcement of controls within their technology stacks, especially where vendor tools or AI-driven automation intersect with compliance and client trust. Preserving operational optionality and scrutinizing vendor terms—particularly data sharing and architectural enforcement—are essential to reduce exposure. Waiting for vendor patches, disregarding documented control failures, or underestimating public scrutiny elevate liability across legal, reputational, and client relationship domains.

Four things to know today:

00:00 Vendor Threat Reports Converge on One Risk MSPs Can’t Outsource: The RMM as Breach Vector
05:11 Copilot Failed Compliance Controls Twice in Eight Months — A Patch Won’t Fix That
07:03 Flock Backlash Exposes the Liability Hidden in Every Vendor Data-Sharing Contract
09:42 GTDC Summit: Distributors Pitch AI On-Ramp as Hyperscalers Compress Their Margin

Sponsored by:💼 All Our Sponsors

Support the vendors who support the show:
👉 https://businessof.tech/sponsors/

⸻

🚀 Join Business of Tech Plus

Get exclusive access to investigative reports, vendor analysis, leadership briefings, and more.
👉 https://businessof.tech/plus

⸻

🎧 Subscribe to the Business of Tech

Want the show on your favorite podcast app or prefer the written versions of each story?
📲 https://www.businessof.tech/subscribe

⸻

📰 Story Links & Sources

Looking for the links from today’s stories?
Every episode script — with full source links — is posted at:
🌐 https://www.businessof.tech

⸻

🎙 Want to Be a Guest?

Pitch your story or appear on Business of Tech: Daily 10-Minute IT Services Insights:
💬 https://www.podmatch.com/hostdetailpreview/businessoftech

⸻

🔗 Follow Business of Tech

LinkedIn: https://www.linkedin.com/company/28908079
YouTube: https://youtube.com/mspradio
Bluesky: https://bsky.app/profile/businessof.tech
Instagram: https://www.instagram.com/mspradio
TikTok: https://www.tiktok.com/@businessoftech
Facebook: https://www.facebook.com/mspradionews