A joint advisory issued by the Five Eyes nations has urged organisations to secure their supply chains as the war in Ukraine continues.
The document, ‘Protecting Against Cyber Threats to Managed Service Providers and their Customers,’ was released jointly by relevant government agencies from the Five Eyes security alliance.
The authorities are:
The UK’s National Cyber Security Centre (NCSC), the US’ Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS) and the New Zealand National Cyber Security Centre (NZ NCSC).
Aside from being a warning, the document provides practical advice for managed service providers (MSPs) and their customers to avoid falling foul of a cyberattack.
Among the guidelines are:
- Implementing tools to prevent initial access methods such as phishing
- Enabling/improving monitoring and logging processes
- Enforcing multi-factor authentication (MFA)
- Managing internal architecture and segregating internal networks
- Applying the principle of least privilege