The intelligence alliance Five Eyes (FVEY) urges managed service providers (MSPs) about an increase in cyberattacks. FVEY noticed that harmful cyber-criminals activities tend to grow, targeting MSPs. The alliance expects the trend to continue for some time. That’s why it published a document warning about the possible cybersecurity landscape and recommended the way of avoiding such cyberattacks.
About FVEY’s Alert in General Terms
FVEY followed the best information and communication technologies (ICT) methodologies in its guidance. The aim is to help managed service providers (MSPs) communicate clearly with their clients. It means that MSPs should give transparent advice on responding to incidents and recovering from them in treaties. Likewise, clients should guarantee that they completely understand all security demands, no matter if these demands are under their agreement or not.
Therefore, according to their security requirements and relevant provisions, MSPs should implement these methods in their working process. In addition, clients need to ensure that their MSP’s treaty mechanisms include the appropriate cyber safeguards.
What is FVEY?
The Five Eyes (FVEY) is the alliance that appeared due to an agreement between five anglophone democratic countries on sharing intelligence. It includes the United States of America, the United Kingdom, Australia, New Zealand, and Canada. The roots of the alliance went from the Second World War period when codebreakers from the USA and UK met at informal gatherings. However, the peak of FVEY’s activity occurred when it developed the method of supervising the USSR and exchanging secret information.
Why do FVEY Alerts Exactly MSPs?
According to the FVEY’s documentation, managed service providers (MSPs) are organizations responsible for performing specific clients’ functions under the treaty arrangement. For example, providers may take care of their clients’ level of service, etc. Nowadays, many companies collaborate with MSPs because it’s more profitable to outsource the provision of ICT and IT infrastructure services.
In this way, MSPs have always been an appealing goal for cyber villains and national threat actors. Providers usually require access to their clients’ networks to provide their services. Cybercriminals tend to use managed service providers’ weak spots to get initial access to all organizations with which MSPs collaborate. Eventually, it’s elementary to attack an MSP and get access to data of numerous companies than to target each of these companies separately. Thus, this kind of attack may strike entities worldwide as it spreads cascadingly.
Also, it takes months to detect the invasion when data that MSPs obtain is under threat. So, during detection, cyber villains may commit cyber spying on MSPs and their clients or prepare for further attacks.
What does FVEY Recommend for MSPs of Their Countries?
Under the Five Eyes’ alert, MSPs must consider actions of cyber defense improvement to avoid the primary threat. Usually, cybercriminals maliciously use Internet-based services or devices that have weak points. In addition, threat actors apply brute strength techniques and phishing to consolidate MSPs’ networks. So, to avoid such attacks, FVEY urges managed service providers (MSPs) and their clients to undertake the following measures:
- Heighten the safety of devices with weaknesses;
- Safeguard Internet-based services;
- Shield from brute force techniques (especially from attacks that tries the same password on a large number of accounts);
- Protect from phishing attacks.
Additional Information
The Five Eyes (FVEY) alliance states that it is a pretty efficient cyberattack method. Russia- and China-funded efficient attacks aimed to conduct cyber-spying campaigns. They also targeted network access for spying and avoiding potential large-scale malicious software cyberattacks.
Also, FVEY offers the additional steps for MSPs and their clients to maintain the security of their networks:
- Manage internal system design and divide internal supply lines;
- Give up using legacy profiles and cyber-infrastructure;
- Update systems at once if possible;
- Make regular reserve copies of data and systems and test them;
- Develop and implement a plan of responding to incidents and a recovery one;
- Be aware of supply chain threats and manage them in advance;
- Verify accounts and their area of access.
So far, covered entities and individuals should implement all these measures individually. Before making any steps, MSPs and their clients should thoroughly analyze their environment and security needs in particular.
Check our regular news updates to stay aware of the latest cybersecurity sphere and HIPAA field events!
