CISA, the NSA and the FBI warn of an increase in cyberattacks targeting MSPs

We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!

Today, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the United Kingdom’s National Cyber ​​Security Center (NCSC-UK), Australian Cybersecurity Center (ACSC), Canadian Center for Cybersecurity (CCCS), New Zealand National Cyber ​​Security Center (NZ NCSC), National Security Service (NSA), and the Federal Office of Research (FBI) released and advisory alert threats targeting MSPs.

As part of the advisory, the agencies warned that they expect “state-sponsored Advanced Persistent Threat (APT) groups and other malicious cyber actors to increase their targeting of MSPs against both provider and customer networks.”

The potential for an increase in attacks against MSPs and threats to the supply chain means organizations must be prepared to closely manage relationships with third-party vendors and ensure there are no security vulnerabilities.

Securing the supply chain

The advice comes as organizations and service providers struggle to mitigate supply chain threats, particularly with the: solar wind and Kaseya breaches, which have resulted in the compromise of more than 1,100 downstream organizations.

The crux of the challenge is that many providers lack the incident response capabilities to respond to incidents in a timely manner, with 66% of suppliers in successful attacks on the supply chain not knowing or not reporting on how they have been compromised.

If the announcement is correct, organizations will have to drastically rethink how they manage relationships with third-party suppliers.

“As this joint advice makes clear, malicious cyber actors continue to target managed service providers, which can significantly increase the downstream risk to the businesses and organizations they support – why it’s critical that MSPs and their customers take action to protect their networks. protect,” said CISA Director Jen Easter.

In practice, that means a more proactive approach to identifying risks. “Businesses should focus on implementing zero-trust and increasing active threat hunting, particularly through networks and endpoints that MSPs can access,” said Tom Kellermann, former Obama administration cybersecurity commissioner and chief executive officer. of cybersecurity strategy at VMware.

Kellerman believes the war between Russia and Ukraine will fuel the increase in these attacks as Russian cyber spies deploy supply chain strategies to deploy destructive malware against entire customer bases of MSPs.

Improving security posture against supply chain threats

As threats to the supply chain increase, the advisory recommends that companies take steps to mitigate risks in the supply chain.

Specifically, the advisory says that MSP customers should review their contractual arrangements with providers to ensure the MSP will implement a set of specific security measures and controls.

These controls include implementing mitigation tools to protect against compromise attack methods, enabling monitoring and logging, implementing endpoint detection and network defense monitoring, ensuring secure remote access applications, and implementing multi-factor authentication.

It also states that MSPS should develop and implement incident response and recovery plans that break down the roles and responsibilities of stakeholders within the organization.

In addition to these checks, Kellermann recommends that companies implement micro-segmentation, implement Active Application monitoring, extend the weekly threat hunt with shared networks and services, implement just-in-time management, and ensure that all back ups are viable.

The mission of VentureBeat is a digital city square for technical decision makers to gain knowledge about transformative business technology and transactions. Learn more about membership.

Shreya Christina
Shreya has been with for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

More from author


Please enter your comment!
Please enter your name here

Related posts


Latest posts

The Nostalgia Factor: Why Retro Gaming Continues to Thrive

In the fast-paced world of modern video games with their stunning graphics, lifelike simulations, and complex narratives, there's a distinct charm in returning to...

The Rise of Cross-Platform App Development in Australia

In the ever-evolving landscape of app development, the need for efficiency, cost-effectiveness, and wider reach has given rise to a significant trend: cross-platform app...

Embracing Efficiency and Nature: Why Outdoor Pods Trump Typical Cubicles

In the ever-evolving world of work, the concept of the traditional office is undergoing a profound transformation. The limitations of the conventional cubic office...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!