Joint Cybersecurity Advisory – Protecting Against Cyber Threats to Managed Service Providers and their Customers

The cybersecurity authorities of the U.S., Australia, Canada, New Zealand, and the United Kingdom have released joint Cybersecurity Advisory (CSA) AA22-131A, warning of an increase in malicious cyber activity targeting managed service providers (MSPs) and this trend is expected to persist. The advisory offers specific steps MSPs and their customers can implement to reduce their risk of falling victim to a cyber intrusion. Some actions organizations can take right now to strengthen their defenses in regard to vendors, integrators, or other third-party relationships include disabling obsolete accounts and infrastructure, enforcing multifactor authentication (MFA), enabling/improving monitoring and logging processes, and applying the principle of least privilege. WaterISAC encourages its members to review the advisory and take action to protect against and mitigate this activity. Read the full advisory at CISA.