• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Five Eyes Nations Issue New Supply Chain Security Advisory

You are here: Home / General Cyber Security News / Five Eyes Nations Issue New Supply Chain Security Advisory
May 11, 2022

Businesses have been urged to acquire action to safe their offer chains pursuing Russia’s invasion of Ukraine in a joint advisory by the 5 Eyes nations.

The document, ‘Protecting From Cyber Threats to Managed Provider Vendors and their Customers,’ has been issued jointly by appropriate govt companies from the 5 Eyes security alliance. These are the UK’s Countrywide Cyber Security Centre (NCSC), the US’ Cybersecurity and Infrastructure Security Agency (CISA), National Security Company (NSA) and Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS) and the New Zealand Countrywide Cyber Security Centre (NZ NCSC).

The advisory sets out useful actions managed services suppliers (MSPs) and their prospects can choose to prevent falling target to a cyber intrusion. This is designed to empower transparent conversations between MSPs and their prospects on securing sensitive data for example, encouraging prospects to guarantee their contractual arrangement specifies that their MSP implements these actions and controls. Among the realistic measures outlined are:

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


  • Applying resources to reduce original entry techniques these as phishing
  • Enabling/improving monitoring and logging processes
  • Implementing multi-factor authentication (MFA)
  • Taking care of inside architecture and segregating inside networks
  • Implementing the basic principle of minimum privilege

The new advisory arrives amid escalating worries cyber risk actors are progressively focusing on MSPs to obtain obtain to the networks of numerous organizations. One particular higher-profile case in point was the SolarWinds incident in 2020, which impacted prospects all over the world. This is believed to have been done by Russian-point out-backed operatives for espionage needs.

Corporations are becoming inspired to take into account the advisory in conjunction with other direction from businesses like the NCSC and CISA in relation to heightened geopolitical tensions resulting from the Russia-Ukraine conflict.

NCSC CEO Lindy Cameron commented: “We are fully commited to additional strengthening the UK’s resilience, and our get the job done with international associates is a vital element of that.

“Our joint advisory with international partners is aimed at elevating organizations’ recognition of the growing menace of offer chain attacks and the measures they can just take to minimize their risk.”

CISA Director Jen Easterly additional: “I strongly persuade the two MSPs and their shoppers to stick to this and our wider assistance – ultimately, this will assist secure not only them but organizations globally.

“As this advisory can make obvious, malicious cyber actors go on to concentrate on MSPs, which is why it is critical that MSPs and their buyers take recommended steps to shield their networks.

“We know that MSPs that are vulnerable to exploitation drastically improves downstream pitfalls to the firms and companies they help. Securing MSPs is critical to our collective cyber defense, and CISA and our interagency and international partners are fully commited to hardening their security and enhancing the resilience of our world supply chain.”

The announcement was made on Day 2 of the CYBERUK conference 2022, taking place in Wales, UK.

In March, Ian Levy, complex director of the NCSC, urged the community sector, critical infrastructures (CNI) and other companies to reconsider the possible risks associated with any “Russian-controlled” sections of their provide chain.


Some pieces of this posting are sourced from:
www.infosecurity-journal.com

Previous Post: «bitter apt hackers add bangladesh to their list of targets Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia
Next Post: Securing endpoints amid new threats securing endpoints amid new threats»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.