{"id":35705,"date":"2022-05-11T09:45:00","date_gmt":"2022-05-11T09:45:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/archives\/35705"},"modified":"2022-05-11T09:45:00","modified_gmt":"2022-05-11T09:45:00","slug":"cyberuk-22-five-eyes-focuses-on-msp-security","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=35705","title":{"rendered":"CyberUK 22: Five Eyes focuses on MSP security"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2022\/05\/cyberuk-22-five-eyes-focuses-on-msp-security.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>The Anglophone Five Eyes intelligence alliance has issued a joint advisory, coinciding with the National Cyber Security Centre\u2019s (NCSC\u2019s) <a href=\"https:\/\/www.cyberuk.uk\/website\/7174\/\">annual CyberUK conference<\/a>, alerting IT managed service providers (MSPs) and their customers to potential <a href=\"https:\/\/www.techtarget.com\/searcherp\/definition\/supply-chain-security\">supply chain cyber attacks<\/a>.<\/p>\n<p><a href=\"https:\/\/www.ncsc.gov.uk\/files\/AA22-131A_Protecting_Against_Cyber_Threats_to_MSPs_and_their_Customers.pdf\">The joint advisory<\/a>, which is backed by the national cyber bodies of Australia, Canada, New Zealand, the UK and US, sets out a series of practical steps that can be taken to reduce the risk of falling victim to a supply chain compromise \u2013 such as those that famously befell users of SolarWinds and Kaseya, in which threat actors used a vulnerable product or service as an initial access point to the networks of customers, resulting in globally cascading effects.<\/p>\n<p>The authorities have previously issued guidance on this topic, but the latest advisory zeroes in on enabling transparent, well-informed discussions between MSPs and their customers, centring on securing sensitive information and data.<\/p>\n<p>They said these discussions should lead to a re-evaluation of existing security processes 
and contractual agreements to accommodate the customer\u2019s risk appetite.<\/p>\n<p>It can also be read in conjunction with related guidance issued <a href=\"https:\/\/www.ncsc.gov.uk\/guidance\/actions-to-take-when-the-cyber-threat-is-heightened\">in relation to the war in Ukraine<\/a>, as many recent supply chain intrusions have been orchestrated by Russia-based threat actors, and it is considered a distinct possibility that such incidents will continue to occur as the war goes badly for Russia.<\/p>\n<p>\u201cWe are committed to further strengthening the UK\u2019s resilience, and our work with international partners is a vital part of that,\u201d said NCSC CEO Lindy Cameron.<\/p>\n<p>\u201cOur joint advisory with international partners is aimed at raising organisations\u2019 awareness of the growing threat of supply chain attacks and the steps they can take to reduce their risk.\u201d<\/p>\n<p>Jen Easterly, director of the US\u2019s&nbsp;<a href=\"https:\/\/www.cisa.gov\/\">Cybersecurity and Infrastructure Security Agency<\/a> (CISA), said: \u201cI strongly encourage both managed service providers and their customers to follow this and our wider guidance \u2013 ultimately this will help protect not only them but organisations globally.<\/p>\n<p>\u201cAs this advisory makes clear, malicious cyber actors continue to target managed service providers, which is why it\u2019s critical that MSPs and their customers take recommended actions to protect their networks.<\/p>\n<p>\u201cWe know that MSPs that are vulnerable to exploitation significantly increase downstream risks to the businesses and organisations they support,\u201d said Easterly. 
\u201cSecuring MSPs is critical to our collective cyber defence, and CISA, and our interagency and international partners, are committed to hardening their security and improving the resilience of our global supply chain.\u201d<\/p>\n<p>Cameron and Easterly\u2019s Australian counterpart, Abigail Bradshaw, added: \u201cMSPs are vital to many businesses, and as a result, a major target for malicious cyber actors.<\/p>\n<p>\u201cThese actors use them as launch pads to breach their customers\u2019 networks, which we see are often compromised through ransomware attacks, business email compromises and other methods.<\/p>\n<p>\u201cEffective steps can be taken to harden their own networks and protect their client information,\u201d she said. \u201cWe encourage all MSPs to review their cyber security practices and implement the mitigation strategies outlined in this advisory.\u201d<\/p>\n<section class=\"section main-article-chapter\" data-menu-title=\"Advisory guidance\">\n<h3 class=\"section-title\"><i class=\"icon\" data-icon=\"1\"><\/i>Advisory guidance<\/h3>\n<p>The guidance contained in the advisory includes an emphasis on the importance of storing the most important logs for at least six months, given that incidents can take a long time to detect; the adoption of multi-factor authentication across MSP customer bases, and mandating its use in contracts; and prompt attention to patching known exploited vulnerabilities in software, operating systems and firmware \u2013 <a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\">CISA maintains a highly cromulent list of these<\/a>, which, though pitched at US organisations, is globally relevant.<\/p>\n<p>The advisory also clarifies that these guidelines should be implemented as appropriate to an organisation\u2019s unique environment, in accordance with its specific security needs, and in compliance with various regulations.<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>The 
Anglophone Five Eyes intelligence alliance has issued a joint advisory, coinciding with the National Cyber Security Centre\u2019s (NCSC\u2019s) annual CyberUK conference, alerting IT managed service providers (MSPs) and their customers to potential supply chain cyber attacks. The joint advisory, which is backed by the national cyber bodies of Australia, Canada, New Zealand, the UK [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35706,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-35705","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/35705","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=35705"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/35705\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/35706"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=35705"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=35705"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=35705"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}