The cybersecurity authorities of the UK, Australia, Canada, New Zealand, and the US have observed a recent increase in malicious cyber activity against managed service providers (MSPs). Allied cybersecurity authorities expect state-sponsored cyber actors to increase their targeting of MSPs in an attempt to exploit provider-customer trust relationships. This advisory includes security guidance tailored for both MSPs and their customers. AA22-131A Alert, Technical Details, and MitigationsTechnical Approaches to Uncovering and Remediating Malicious ActivityMitigations and Hardening Guidance for MSPs and Small- and Mid-sized BusinessesAPTs Targeting IT Service Provider CustomersACSC's Managed Service Providers: How to manage risk to customer networks Global Targeting of Enterprise Managed Service ProvidersCyber Security Considerations for Consumers of Managed Services How to Manage Your Security When Engaging a Managed Service ProviderKaseya Ransomware Attack: Guidance for Affected MSPs and their CustomersBaseline Cyber Security Controls for Small and Medium OrganizationsActions to take when the cyber threat is heightenedTop 10 IT Security Action Items to Protect Internet Connected Networks and InformationCCCS's Alert: Malicious Cyber Activity Targeting Managed Service Providers CISA Cybersecurity Alert: APT Activity Exploiting MSPs (2018)CISA Cyber Essentials and CISA Cyber Resource Hub Improving Cybersecurity of Managed Service Providers Shields Up Technical GuidanceAll organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov. Learn more about your ad choices. Visit megaphone.fm/adchoices