The latest compromise of the networks of a number of corporations by way of the abuse of a distant entry software utilized by MSPs exemplifies why state-aligned risk actors ought to be on the radars of IT service suppliers
Managed service suppliers (MSPs) that don’t contemplate themselves targets for state-aligned risk actors could must suppose once more. Whereas many individuals could affiliate superior persistent risk (APT) teams with cyberespionage focusing on solely state businesses and huge companies, the very fact is that a few of these teams have more and more been setting their sights on managed service suppliers (MSPs) with an eye fixed in the direction of finally focusing on their prospects.
Living proof: earlier this week, we wrote about how an Iran-aligned APT group referred to as MuddyWater had gained entry to the networks of a number of corporations by abusing a distant entry software utilized by MSPs.