CISA Cybersecurity Alerts 5.12.22
Ep 15 | 5.12.22

CISA Alert AA22-131A – Protecting against cyber threats to managed service providers and their customers.

Show Notes

The cybersecurity authorities of the UK, Australia, Canada, New Zealand, and the US have observed a recent increase in malicious cyber activity against managed service providers (MSPs). Allied cybersecurity authorities expect state-sponsored cyber actors to increase their targeting of MSPs in an attempt to exploit provider-customer trust relationships. This advisory includes security guidance tailored for both MSPs and their customers. 

AA22-131A Alert, Technical Details, and Mitigations

Technical Approaches to Uncovering and Remediating Malicious Activity

Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses

APTs Targeting IT Service Provider Customers

ACSC's Managed Service Providers: How to manage risk to customer networks 

Global Targeting of Enterprise Managed Service Providers

Cyber Security Considerations for Consumers of Managed Services 

How to Manage Your Security When Engaging a Managed Service Provider

Kaseya Ransomware Attack: Guidance for Affected MSPs and their Customers

Baseline Cyber Security Controls for Small and Medium Organizations

Actions to take when the cyber threat is heightened

Top 10 IT Security Action Items to Protect Internet Connected Networks and Information

CCCS's Alert: Malicious Cyber Activity Targeting Managed Service Providers 

CISA Cybersecurity Alert: APT Activity Exploiting MSPs (2018)

CISA Cyber Essentials and CISA Cyber Resource Hub 

Improving Cybersecurity of Managed Service Providers 

Shields Up Technical Guidance

All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or