CISA Alert AA22-131A – Protecting against cyber threats to managed service providers and their customers. [CISA Cybersecurity Alerts]

Cybersecurity authorities from the UK, Australia, Canada, New Zealand, and the US have noticed an increase in malicious cyber activities targeting managed service providers (MSPs). These authorities believe that state-sponsored cyber actors will continue to exploit the trust relationships between MSPs and their customers. This advisory provides security guidance for both MSPs and their customers. It includes technical details on uncovering and remediating malicious activities, mitigations and hardening guidance for MSPs and small to mid-sized businesses, and considerations for consumers of managed services. The advisory also covers actions to take when the cyber threat is heightened and provides resources for improving cybersecurity. All organizations should report incidents and anomalous activity to the appropriate authorities.