Multiple cybersecurity authorities from Australia, Canada, New Zealand, the U.K., and the U.S. this week released a joint advisory warning of threats targeting managed service providers (MSPs) and their customers.
“The cybersecurity authorities of the United Kingdom, Australia, Canada, New Zealand, and the United States have released joint Cybersecurity Advisory (CSA), Protecting Against Cyber Threats to Managed Service Providers and their Customers, to provide guidance on how to protect against malicious cyber activity targeting managed service providers (MSPs) and their customers.” reads the joint advisory. “The CSA—created in response to reports of increased activity against MSPs and their customers—provides specific guidance for both MSPs and customers aimed at enabling transparent discussions on securing sensitive data.”
The alert provides tactical actions for MSPs and customers, including:
MSPs are a privileged target for both, nation-state actors and cybercriminals, that once compromised their infrastructure could ultimately attack the customers’ infrastructure by exploiting their access.
The Five Eyes agencies warn of supply chain attacks targeting MSPs and that could impact their customers, such as the SolarWinds attacks.
Below is the list of recommendations included in the guidance:
Prevent initial compromise
Enable/improve monitoring and logging processes
Enforce multifactor authentication (MFA)
Manage internal architecture risks and segregate internal networks
Apply the principle of least privilege
Deprecate obsolete accounts and infrastructure
Backup systems and data
Develop and exercise incident response and recovery plans
Understand and proactively manage supply chain risk
Manage account authentication and authorization
Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform
(SecurityAffairs – hacking, MSPs)