FBI, CISA and NSA warn of hacker attacks on MSPs

16 May 2022
| No comments
B2B Cyber ​​Security ShortNews

Share post

Members of the Five Eyes (FVEY) intelligence alliance have warned managed service providers (MSPs) and their customers that they are increasingly vulnerable to supply chain attacks. They also provide advice on how MSPs can better protect themselves with tactical measures.

Several cybersecurity and law enforcement agencies from FVEY countries ( NCSC-UK , ACSC , CCCS , NCSC-NZ , CISA , NSA and the FBI ) have collectively provided guidance for MSPs to protect networks and sensitive data against these escalating cyber threats.

Warning to MSPs and their customers

Today's advice includes specific measures to secure sensitive information and data through transparent discussions focused on reassessing security processes and contractual obligations to reflect customers' risk tolerance.

An overview of the top tactical actions MSPs and their clients can take

  • Identify and deactivate accounts that are no longer used.
  • Enforce MFA for MSP accounts accessing customer environment and monitor for unexplained failed authentication.
  • Ensure MSP customer contracts transparently identify ownership of Information and Communication Technology (ICT) security roles and responsibilities.

"We know that MSPs who are vulnerable to exploitation significantly increase the downstream risks to the businesses and organizations they support," said CISA Director Jen Easterly. "Protecting MSPs is critical to our collective cyber defenses, and CISA and our multi-agency and international partners are committed to strengthening their security and enhancing the resilience of our global supply chain."

A year ago, the UK government announced an advisory call on how to defend against software supply chain attacks and how to strengthen the cybersecurity defenses of IT managed service providers (MSPs) across the country. The move came after President Biden issued an executive order modernizing the United States' defenses against cyberattacks following the SolarWinds supply chain attack and DarkSide ransomware attack on the Colonial Pipeline, the largest US fuel pipeline.

More at CISA.gov

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more

Short news
, , , , , ,