The govermental agencies of the United Kingdom, Australia, Canada, New Zealand, and the United States have released a joint security advisory specifically to advise Managed Service Providers (MSPs) on how to protect against malicious cyber activity targeting them and their customers.
The advisory also provides some tactical actions that should be taken:
- Identify and disable accounts that are no longer in use.
- Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication.
- Ensure MSP-customer contracts transparently identify ownership of information and communications technology (ICT) security roles and responsibilities.