The National Cyber Security Centre (NCSC) and a number of international partners have published a joint advisory notice with guidance on cyber protection in the supply chain.
It related the initiative to incidents such as the attack through Solarwinds network management software in 2020, clients of which included a range of UK public sector and defence organisations, and concerns about an increase in attacks in the wake of Russia’s invasion of Ukraine.
The advisory includes a series of practical steps for managed service providers (MSPs) and their customers and has been issued with the US Cybersecurity and Infrastructure Security Agency, National Security Agency, and Federal Bureau of Investigation, and the Australian Cyber Security Centre, Canadian Centre for Cyber Security and the New Zealand National Cyber Security Centre.
NCSC said MSPs provide IT support to their customers in various ways, for example through software or cyber security services, and in order to do so they are granted privileged access to a customer’s network. This can create opportunities for attackers, who can gain access to an organisation’s network by compromising their MSPs.
Recommendations include the improvement of monitoring and log-in processes, the enforcement of multi-factor authentication, the segregation of internal networks and application of the principle of least privilege.
Strengthening resilience
NCSC CEO Lindy Cameron said: “We are committed to further strengthening the UK’s resilience, and our work with international partners is a vital part of that.
“Our joint advisory with international partners is aimed at raising organisations’ awareness of the growing threat of supply chain attacks and the steps they can take to reduce their risk.”
