The Five Eyes group of nations issued clear security warnings and guidance for MSPs.
The Five Eyes is a group of nations, focused on mutual security concerns. Right now, they're concerned about MSPs and their clients.
Five Eyes is comprised of the US, UK, Australia, New Zealand and Canada.
For starters, if you think your government can't get much done, you have to recognize the importance when FIVE governments can come together on a common message.
In their efforts to compromise MSPs, malicious cyber actors exploit vulnerable devices and internet-facing services, conduct brute force attacks, and use phishing techniques.
The Five Eyes issued an advisory that they are "aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and expect this trend to continue."
When the Five Eyes talk, we find it wise to listen.
So here are some highlights from their guidance (for the entire report, go here)...
The advisory notes that hackers will target "vulnerable devices and internet-facing services, conduct brute force attacks, and use phishing techniques."
The CISA has excellent resources on hardening VPN solutions, defending against brute force attacks and avoiding phishing attacks.
From CISA's Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services (link here):
"Focus on awareness and training. Make employees aware of the threats—such as phishing scams—and how they are delivered. Additionally, provide users training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities."
This one is easier said than done, so here are is some guidance:
This is massive, and every MSP knows it. The problem isn't that the MSP doesn't know it. It's that the customer doesn't want the headache. Here's a little more reinforcement from the Five Eyes:
First, MSPs should make sure they understand their own environment. Next, here are some points to consider:
Only provide the lowest level of access or privilege that's necessary, internally and externally.
Ensure you have processes in place to remove unneeded or obsolete accounts. This helps limit your attack surface.
Patch! This is one that will be screamed over and over. And as always, it's easier said than done.
With near certainty, you've already got a backup provider. Some of the tips from Five Eyes:
As Mike Tyson said, "everyone has a plan until they get punched in the mouth." So let's plan for what we do after we take that punch.
This stands to remain a hot topic in coming years. We all have supply chains to be aware of and mitigate when able.
It's much better to have clarity on risks, responsibilities and liabilities ahead of any security incident.
Compromised credentials are like gold to cybercriminals. Let's avoid those intrusions.
Ok, that was a lot!
It's critical that your MSP's contracts and SLAs match the risks and expectations of the client.
With INFIMA, you'll make your Security Awareness Training easy to implement and touch-free to manage.
Rest assured knowing that users are phished, re-targeted and taught safe behaviors. This keeps your clients safe and your MSP protected.
If you're an MSP and want to learn more, go check out how we work with Partners here. If you like what you see, book a time to chat!
Photo by Doun Rain AKA Tomas Gaspar on Unsplash
Join the newsletter to receive the latest updates in your inbox.