12 May 2022

Cybersecurity agencies warn of rise in attacks targeting MSPs


Cybersecurity agencies warn of rise in attacks targeting MSPs

The cybersecurity authorities from the US, UK, Australia, Canada, and New Zealand have released a joint security advisory warning managed service providers (MSPs) and their customers of an increased risk of supply chain attacks by malicious actors, including state-sponsored hacker groups.

“The UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities expect malicious cyber actors—including state-sponsored advanced persistent threat (APT) groups—to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships. For example, threat actors successfully compromising an MSP could enable follow-on activity—such as ransomware and cyber espionage—against the MSP as well as across the MSP's customer base,” the agencies said.

The advisory provides recommendations on security measures MSPs and their customers can take to reduce the risk of falling victim to a cyber intrusion, and describes cybersecurity best practices on securing sensitive data.

The recommendations include measures organizations can take to prevent intrusion, such as improving security of vulnerable devices; protecting internet-facing servers; defending against phishing, brute force and password spraying; identifying and disabling accounts and infrastructure no longer in use; enforcing multi-factor authentication (MFA) on MSP accounts that access customer environments, and applying the principle of least privilege to both internal and customer environments, avoiding default administrative privileges.


Back to the list

Latest Posts

Interpol arrests suspected leader of Nigerian cybercrime gang involved in BEC attacks

Interpol arrests suspected leader of Nigerian cybercrime gang involved in BEC attacks

The suspect registered 240 domains, 50 of which were used as command-and-control domains for the ISRStealer, Pony, and LokiBot malware.
26 May 2022
US automaker General Motors hit with credential stuffing attack

US automaker General Motors hit with credential stuffing attack

Social Security numbers and driver’s license details weren’t compromised, the company said.
25 May 2022
Popular Python and PHP libraries altered to steal AWS keys

Popular Python and PHP libraries altered to steal AWS keys

In both cases the attacker appears to have taken over packages that have not been updated in a while.
25 May 2022