Intelligence has issued a warning of growing attacks on managed service providers by nation states and other threat groups.

New advice from US government agencies and intelligence partners Five Eyes shows an increase in hostile cyber activities targeting SMEs – a trend they expect to continue.

SMEs are entities with which companies agree to provide, manage or manage ICT services and functions for their customers. An attacker who successfully violates SMEs can provide a ready vector to target SME customers for follow-up, such as cyber espionage and ransom.

“The UK’s cybersecurity authorities, Australia, Canada, New Zealand and the United States expect malicious cyber actors – including state-sponsored Advanced Permanent Threat Groups (APTs) – to step up their focus on SMEs in an effort to leverage trust. supplier-customer, ‘ reads the notice.

“Whether the client’s network environment is local or externally hosted, threat participants can use vulnerable SMEs as an initial vector to access multiple victims’ networks, with global cascading effects.”

Successful supply-side cyberattacks can have catastrophic consequences, as these companies often have privileged access to customer networks. This was demonstrated in the major supply chain attack last summer against Kaseya, which offers remote IT monitoring software.

Although only about 60 of Kaseya’s MSP customers were compromised due to their high position in the supply chain, the attack affected another 1,500 businesses down the chain.

Cybersecurity agencies are urging SMEs to focus on cyber hygiene. The note also describes the tactics that SMEs and customers can take to reduce their chances of being hacked.

These include: identifying and deactivating accounts that are no longer in use; implementation of multifactor authentication of MSP accounts that have access to the client environment; and tracking authentication that fails for no apparent reason.

SME clients were also called upon to ensure that their contractual arrangements provide for their SMEs to implement the measures and controls described in the board. For example, deploying mitigation resources to protect vulnerable devices and services from attack methods such as password spreading, brute force, and phishing.

The council was signed jointly by the NSA, the FBI and cybersecurity centers in the United Kingdom, Australia, Canada and New Zealand.

This comes just six days after ThreatLocker issued a security alert warning MSP to jump into ransomware attacks involving remote control tools.

Acronis’ cyber threat report, published last year, found that SMEs are particularly vulnerable to ransomware and supply chain attacks, as cyber participants are now trying to use their own SME management tools, such as RMM or PSA, against them.

Previous articleAccording to new research, there may be invisible walls in space
Next articleBest Car Covers for 2022