Aussie MSP breached by China hack, gov responds with education program

By on
Aussie MSP breached by China hack, gov responds with education program

An Australian managed services provider (MSPs) was successfully attacked in 2017 and all are now at risk, according to the Australian Cyber Security Centre (ACSC), which has created a new program to help MSPs stay secure in order to boost confidence in the sector.

The source of the attack was identified in 2016 by PWC, which named it " Cloud Hopper". The ACSC, which is an arm of the Australian Signals Directorate, late last week revealed that it warned local MSPs of the attack in early 2017 and again last week. The second warning came after allegations emerged that the attack was directed by China and penetrated IBM and HPE, among other MSPs.

Coinciding with that news, the Centre published an incident report [PDF] detailing how “a computer belonging to the Australian arm of a multinational construction services company was compromised with specific malware … using an administrator account provisioned legitimately to one of the victim’s MSPs.”

The ACSC clearly expects more such incidents, because it has created a new MSP partner program to “enhance the security posture of Managed Service Providers (MSPs) in Australia.” Details of the program are scanty at the time of writing, but the ACSC it will include “an evaluation activity that assesses partners’ performance against the objectives of MSP3, with the aim of increasing Australian business, enterprise and government confidence in the MSP sector.”

“MSPs will be encouraged to join the program to demonstrate commitment to continually improving their cyber security resilience,” the agency wrote. “They will then become eligible for a number of services and activities delivered through our Joint Cyber Security Centres, including:

  • The MSP Partner Forum – a national workshop that provides threat intelligence and identifies recurrent challenges and risks for MSPs
  • 24⁄7 situational awareness products – access to ACSC threat intelligence in real time
  • Provision of ACSC advice – to promote the benefits of cyber security best practice

Critically, participation the program will see MSPs  “… will receive peer and public recognition … including listing on cyber.gov.au and in other ACSC materials." By showcasing MSPs that seek out its expertise, the ACSC hopes to increase confidence in the entire MSP sector.

CRN therefore imagines that the ACSC will receive rather a lot of applications to enter the course when they open in January 2019 (and close in April 2019) – because what MSP would want not be listed as having completed the government’s recommended security training?

 

 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © nextmedia Pty Ltd. All rights reserved.
Tags:
australian cyber security centre security

Partner Content

Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report

Log in

Email:
Password:
  |  Forgot your password?