The compromise of several Managed Service Providers (MSPs) global networks was reported in 2017. In response, the ACSC provided stakeholders with the information they needed to protect themselves and others from this threat. Impacted MSPs were made aware, and some are actively managing their own internal response to the threat.
In 2018, sophisticated cyber adversaries continue to target and compromise MSPs and, through them, their customers. The ACSC reiterates the need for organisations to scrutinise the cyber security measures implemented in contracted ICT solutions to combat the threat.