As an outsourced contractor, managed service providers (MSPs) offer various technological solutions such as application management, networks, security, and infrastructure. MSPs are also key players in the worldwide supply chain with their clients including, wholesale business, critical infrastructure, retail, and regulated industries. As an MSP covering IT infrastructure and end-user systems, customers rely on you to protect their sensitive data, intellectual property, and valuable assets. An attack in one MSP can spread to clients, and when not handled correctly, could lead to a domino-like chain reaction.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), along with other agencies issued a fresh advisory to protect MSPs and their clients. Cyber agencies from the UK, Australia, Canada, and New Zealand expect an increase in cyber threats targeting MSPs and their customers.
“As this joint advisory makes clear, malicious cyber actors continue to target managed service providers, which can significantly increase the downstream risk to the businesses and organizations they support – why it’s critical that MSPs and their customers take action to protect their networks,” said CISA Director Jen Easterly. “Securing MSPs are critical to our collective cyber defense, and CISA and our interagency and international partners are committed to hardening their security and improving the resilience of our global supply chain.”
Source: CISA.govt
What makes MSPs an Attractive Target?
MSPs provide services that require both trusted network connectivity and privileged access to their clients’ infrastructures. Organizations ranging from small to large scale use MSP services to store data, support sensitive processes, or manage information and communications technology (ICT) systems.
Cyber attackers target MSPs for either of the two reasons:
- To gain valuable information and sensitive business data to monetize or use for personal gain
- or less likely, to make a political statement
A Successful breach of one MSP will also allow the attackers to gain access to possibly hundreds of clients. Attackers may also target a large organizations or government agencies by exploiting their MSPs in the hope their MSPs are the weakest point in the attack.
According to CheckPoint research, the MSP/ ISP sector was the most attacked industry in 2021. Every one out of thirty-six organizations were impacted in this sector, a jump of 32% from 2020.
Cyber Agencies Recommendations
Let us take a glance at the tactical actions that Cyber agencies recommend for MSPs to defend themselves and their clients against possible breaches:
- Protect internet-facing services by ensuring services are up to date and are limited to communicating through only the requisite restricted channels
- Defend against phishing attacks by keeping users and clients educated on the latest phishing trends and how to spot phishing attempts.
- Clients should ensure their MSP partner implements comprehensive security event management, and provide visibility, informing them of any suspected security incidents occurring on their infrastructure and networks.
- MSPs should recommend embracing multi-factor authentication across all client products and services.
- Clients should also ensure their MSPs implement MFA on the services and products they offer.
- Clients should ask their MSP partner to conduct an audit and verify all connections between MSP systems, other networks, and internal systems.
- Clients should identify and disable accounts that are no longer active or in use.
Follow us on Facebook, & LinkedIn or Contact us, 406-646-2102 and get your questions answered.
