Beware of state actors stepping up attacks on managed service providers
Security agencies from the US, the UK, Australia, and Canada have released another security advisory this week, stating that they expect attacks on managed service providers (MSP) to increase in the near future. If an attacker is unable to compromise a service provider, it is likely that the activity will be redirected to the company’s infrastructure. Threat actors can use a vulnerable MSP as an initial access vector to multiple victim networks, attacking customers of service providers. Malicious cyber actors are expected to ramp up attacks against MSPs to exploit the customer-providers network trust relationships, the cybersecurity agencies stated.
Users have been advised to adopt additional security measures such as updating software, creating backups, enabling two-factor authentication, segregate internal networks, removing old user accounts, and improving monitoring and logging of accounts. It is also advised that users check contracts to ensure that they contain clauses requiring MSPs to have sufficient security controls in place.