October 03, 2018
DHS Issues Cybersecurity Alert for MSPs
The Department of Homeland Security has issued an alert to MSPs and IT Service Providers warning of an advanced persistent threat (APT). APTs typically rely on stealthy techniques to maintain anonymity while conducting their attacks. These may include the use of legitimate credentials and trusted off-the-shelf applications and pre-installed system tools present in MSP customer networks.
Pre-installed system tools, such as command line scripts, are very common and used by system administrators for legitimate processes. Command line scripts are used to discover accounts and remote systems.
The alert encourages customers of MSPs to implement a defense-in-depth strategy to protect their infrastructure assets and increase the probability of successfully disrupting APT activity.
The National Cybersecurity & Communication Integration Center (NCCIC) recommends MSP customers review the resources below to help formulate and build their defense-in-depth strategy.
To learn more about the alert and how to mitigate the threat, head over to the DHS website for additional resources and information.