Hackers Are Going After Managed Security Providers

Australia, Canada, New Zealand, the United Kingdom, and the United States are the members of the intelligence partnership known as the “Five Eyes,” sometimes abbreviated as “FVEY.”  These nations are signatories to the multilateral UKUSA Agreement, which is a pact for coordinating their efforts in the field of signals intelligence.

What Happened?

As BleepingComputer reports, members of the intelligence organization known as the Five Eyes (FVEY) issued a warning to managed service providers (MSPs) and the consumers of those MSPs, stating that supply chain hacks are becoming more common.

Multiple cybersecurity and law enforcement organizations from FVEY nations (NCSC-UK, ACSC, CCCS, NCSC-NZ, CISA, NSA, and FBI) have collaborated to provide recommendations for managed security providers (MSPs) on how to protect networks and sensitive data from the growing number of cyberattacks.

Whether the customer’s network environment is on premises or externally hosted, threat actors can use a vulnerable MSP as an initial access vector to multiple victim networks, with globally cascading effects. The UK, Australian, Canadian, New Zealand, and U.S. cybersecurity authorities expect malicious cyber actors—including state-sponsored advanced persistent threat (APT) groups—to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships. For example, threat actors

Read More: https://heimdalsecurity.com/blog/hackers-are-going-after-managed-security-providers/