back to article Five Eyes turn spotlight on MSPs: Potential weak links in IT supply-chain security

Miscreants are targeting managed service providers (MSPs) to break into their customers' networks and deploy ransomware, steal data, and spy on them, the Five Eyes nations' cybersecurity authorities have formally warned in a joint security alert. "The UK, Australian, Canadian, New Zealand, and US cybersecurity authorities …

  1. amanfromMars 1 Silver badge

    What would Your Preference Be if You had a Choice? A Malevolent Threat or an AI Treat?

    Jessica, Hi,

    Thanks for that informative read. It was very revealing, which is always something to be greatly appreciated and made most welcome.

    One does well to note though that governments themselves are powerless against such adversaries/miscreants as are highlighted in your report on that CISA Alert (AA22-131A)/Protecting Against Cyber Threats to Managed Service Providers and their Customers with all that can be realistically expected of them is as you say .... it's welcoming to see governments not only recognize the threat but also attempt to highlight it.

    Solution/Resolution/Mitigation of such as are considered threats are surely solely in the gift of private and/or pirate special agents/agencies extremely ACTive in the virtual sector who/which may or may not have contracted themselves to manage, on behalf of a government/alliance/union of surreal satellite republics, cyber threats. One imagines those that do realise it fantastically lucrative and spectacularly rewarding.

    And one has to also consider the flip side of the cyber threat coin, the virtual treat, which an Advanced IntelAIgent and novel creative element, rather than any miscreant, would be more fully invested in, That is not to say that the virtual treat would not be equally as disruptive as the cyber threat, however the scale of the destruction wrought in the changes delivered by the former creative element as opposed to the carnage and chaos left by the latter miscreant threat would be of another order of significance and magnitude.

    :-) El Regers, once having read and considering most all of the information provided in Five Eyes turn spotlight on MSPs: Potential weak links in IT supply-chain security may like to ponder and pass comment on what they would like to think the following to really be, specifically, whether a MSP cyber threat or spooky virtual treat ....... or neither if that is your conclusion and honest opinion .... for it does deal in very similar parallel entangled and entangling issues.

    amanfromMars [2205111909] ...... sharing a not so top secret secret on https://www.nationaldefensemagazine.org/articles/2022/5/11/the-monumental-task-of-tackling-ai-at-the-pentagon

    [Thank you. Your comment will be displayed soon after reviewing.]

    The individual must be someone who can look at a large volume of data, interpret the information according to Pentagon objectives, and provide data visualization that is meaningful to those who need it.

    Nowadays, and for at least the foreseeable future, to guarantee success and ensure that the Pentagon can be an agent of real change and almighty lead, must that individual be someone able to provide for data virtualisation with metadatabase visualisation the product for realisation and universal presentation.

    Such is certainly what they will be confronting and competing or opposing them. I Kid U Not.

    Have a nice day, y'all.

  2. Pascal Monett Silver badge
    FAIL

    Password spraying

    What a terrible link. There is nothing on that page that gives a hint anywhere that it will explain what password spraying is (and it doesn't). It talks about a new APT group (at the time), about phishing and 2FA, and it mentions "Identity and access management", but there isn't a single mention of password spraying anywhere.

    A much better link for those of you who didn't have a clue is this article, which makes things clear in a simple way.

  3. Potemkine! Silver badge

    "The UK, Australian, Canadian, New Zealand, and US cybersecurity authorities expect malicious cyber actors — including state-sponsored advanced persistent threat (APT) groups — to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships," the alert warned.

    =>

    "The UK, Australian, Canadian, New Zealand, and US cybersecurity authorities expect malicious cyber actors — including state-sponsored advanced persistent threat (APT) groups and ourselves — to step up their targeting of MSPs in their efforts to exploit provider-customer network trust relationships," the alert warned.

    FTFY.

    Trusting the Five Eyes? No way.

    1. amanfromMars 1 Silver badge

      Beware Cyberwar Warefare Exponents .... They and IT Takes No Prisoners.

      If the honest to goodness naked truth be told, Potemkine!, the UK, Australian, Canadian, New Zealand, and US cybersecurity authorities are quite right to be fully fearful and terrified of such as be malicious cyber actors.

      They are a clear and present danger out there in the vast wide open wastes of the virtual world and even more so much closer to home if ever the thought of them being successfully sanctioned by the imposition of retrograde negative post fact moderation/free alternative thought internment/blanket state censorship be imagined and attempted as a viable answer.

      The last thing authorities need though are reactions/proactions from them which cannot be defeated .... Troubles .... from that and those practically safe and virtually secure and almighty comfortable in the shade and shadows and havens of dark webs ...... Undergrounds.

      To pick a vainglorious fight with a foe you don't really know is a fools' folly that delivers only woe.

      Hmmm .... Friday the 13th ... Unlucky for some [so they say]

  4. Chz

    Did anyone else read the headline and wonder what made Members of the Scottish Parliament so prone to leaking data vs. their Westminster kin?

    1. Danny 2 Silver badge

      Aye, I even googled it before I read the first line of the article.

      The best way to solve this TLA stramash is Scottish independence, as MSPs will simply be MPs.

  5. martinusher Silver badge

    Kremlin backed?

    If I recall correctly Solar Winds was about a sloppy code update, not a carefully crafted state-sponsored attack on selected targets. I daresay some spokesperson or journalist pointed the finger at Russia -- "The Kremlin" -- but I don't recall any definitive analysis of who/what/where, we were just told it was "A Very Bad Thing" and "It Must Have Been Them Doing It".

    1. Pascal Monett Silver badge

      Re: Kremlin backed?

      I disagree. I recall that Solarwinds123 got itself hacked in a long, very discreet process which injected malware into a critical portion of the update process. Once the update was installed on customer sites and the shit hit the fan, the whole thing was discovered.

      This was not a Borkzilla update, this was a true hack.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022