On May 11, 2022, the national Cybersecurity & Infrastructure Security Agency (CISA) issued a security alert warning about the increase in malicious cyber activity targeting Managed Service Providers (MSPs).

Threat actors are focusing on infiltrating MSPs in order to exploit the trusted network access those providers hold into their customers' environments. If breached, not only does the MSP itself become compromised, but it can inadvertently enable a cascade of breaches across its entire customer base. Cybercrimes such as data exfiltration, ransomware, and cyber espionage are then carried out across multiple victim networks.

Cybersecurity authorities expect malicious cyber actors to continue, and to step up, their efforts to breach MSPs. MSPs and their customers are advised to implement and strengthen cybersecurity safeguards and operational controls.

The CISA alert recommends that MSP customers verify that contractual agreements with their provider include cybersecurity controls in line with their firm’s security requirements, and that MSPs re-evaluate security processes and contractual commitments to accommodate customer risk tolerance.

For the full list of recommended actions, read the CISA alert (AA22-131A) at cisa.gov.

CISA Alert AA22-131A