Cybersecurity agencies from the Five Eyes intelligence alliance warned of increased cyberattacks targeting managed service providers (MSPs) on Wednesday morning.
The agencies from the U.S., U.K., Australia, Canada and New Zealand said to “expect state-sponsored advanced persistent threat (APT) groups and other malicious cyber actors to increase their targeting of MSPs against both provider and customer networks.”
MSPs are companies paid to manage IT infrastructure and provide support. The companies typically provide remote IT services to smaller businesses lacking an IT department.
In July 2021, dozens of MSPs were attacked by the REvil ransomware group through Kaseya, a provider of remote management solutions. More than 1,500 organizations around the world were affected by the ransomware attack, largely through their MSPs’ connections to Kaseya.
The government agencies said on Wednesday that they are “aware of recent reports that observe an increase in malicious cyber activity targeting managed service providers (MSPs) and expect this trend to continue.” The alert does not refer to any specific incidents.