Members of the Five Eyes (FVEY) intelligence alliance have warned managed service providers (MSPs) and their customers that they are increasingly vulnerable to supply chain attacks. They also provide advice on how MSPs can better protect themselves with tactical measures.
Several cybersecurity and law enforcement agencies from FVEY countries (NCSC-UK, ACSC, CCCS, NCSC-NZ, CISA, NSA and the FBI) have collectively provided guidance for MSPs to protect networks and sensitive data against these escalating cyber threats.
Warning to MSPs and their customers
Today's advice includes specific measures to secure sensitive information and data through transparent discussions focused on reassessing security processes and contractual obligations to reflect customers' risk tolerance.
An overview of the top tactical actions MSPs and their clients can take
- Identify and deactivate accounts that are no longer used.
- Enforce MFA for MSP accounts accessing customer environments and monitor for unexplained failed authentication.
- Ensure MSP customer contracts transparently identify ownership of Information and Communication Technology (ICT) security roles and responsibilities.
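One way to check the first two actions against an account inventory and an authentication log, as an added example that is not part of the advisory or the original article. The account names, log format, 90-day inactivity window and three-failures-per-hour threshold are all assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample data. Account names, log format and thresholds are assumptions.
NOW = datetime(2022, 5, 11)
STALE_AFTER = timedelta(days=90)  # assumed inactivity window
FAIL_THRESHOLD = 3                # assumed failed logins per account per hour
# account -> (last successful login, MFA enrolled)
ACCOUNTS = {
    "msp-admin-01": (datetime(2022, 5, 10), True),
    "msp-admin-02": (datetime(2021, 11, 2), True),
    "msp-svc-backup": (datetime(2022, 5, 9), False),
}

# Constructed log lines: timestamp account result source_ip
AUTH_LOG = """\
2022-05-10T02:14:05 msp-admin-01 FAIL 203.0.113.7
2022-05-10T02:14:40 msp-admin-01 FAIL 203.0.113.7
2022-05-10T02:15:12 msp-admin-01 FAIL 203.0.113.7
2022-05-10T02:16:01 msp-admin-01 OK 203.0.113.7
2022-05-10T09:01:33 msp-svc-backup FAIL 198.51.100.20
2022-05-10T09:02:10 msp-svc-backup OK 198.51.100.20
2022-05-10T11:45:00 msp-old-contractor FAIL 203.0.113.7
"""


def stale_accounts(accounts, now=NOW):
    """Accounts with no successful login inside the inactivity window."""
    return sorted(a for a, (last, _) in accounts.items() if now - last > STALE_AFTER)


def missing_mfa(accounts):
    """Accounts that can reach customer environments without MFA enrolled."""
    return sorted(a for a, (_, mfa) in accounts.items() if not mfa)


def failed_auth_findings(log_text, accounts):
    """Return (bursts, unknown): per-hour failure bursts and failures for unlisted accounts."""
    per_hour, unknown = Counter(), set()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "FAIL":
            continue  # skip malformed lines and successful logins
        ts, account = datetime.fromisoformat(parts[0]), parts[1]
        if account not in accounts:
            unknown.add(account)  # e.g. a deactivated account still being tried
        per_hour[(account, ts.strftime("%Y-%m-%dT%H"))] += 1
    bursts = {k: n for k, n in per_hour.items() if n >= FAIL_THRESHOLD}
    return bursts, sorted(unknown)
```

Failures against an account that is absent from the inventory are reported separately because they often point at a credential that was deactivated but is still in circulation.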
"We know that MSPs who are vulnerable to exploitation significantly increase the downstream risks to the businesses and organizations they support," said CISA Director Jen Easterly. "Protecting MSPs is critical to our collective cyber defenses, and CISA and our multi-agency and international partners are committed to strengthening their security and enhancing the resilience of our global supply chain."
A year ago, the UK government announced an advisory call on how to defend against software supply chain attacks and how to strengthen the cybersecurity defenses of IT managed service providers (MSPs) across the country. The move came after President Biden issued an executive order modernizing the United States' defenses against cyberattacks following the SolarWinds supply chain attack and the DarkSide ransomware attack on the Colonial Pipeline, the largest US fuel pipeline.
More at CISA.gov