Recent corporate network compromises through misuse of remote access tools used by MSPs demonstrate why country-aligned threat actors should be on the radar of IT service providers
Managed service providers (MSPs) that do not see themselves as targets of state-aligned threat actors may need to think again. While many may associate advanced persistent threat (APT) groups with cyber espionage that only target state agencies and large corporations, the fact is that some of these groups are increasingly setting their sights on managed service providers (MSP) with a view to eventually targeting they. customer.
Case in point: earlier this week, we wrote about how an Iran-aligned APT group called MuddyWater had gained access to the networks of several companies by abusing the remote access tools used by MSPs.