Safe Network Solutions Does Not Use Kaseya VSA
Kaseya VSA, a software commonly used by MSPs, was used in a massive cyberattack to deliver ransomware to thousands of organizations around the globe.
Following recent high-profile ransomware attacks that affected a major gas pipeline and a leading global food company, a massive cyberattack took place on Friday, July 2, 2021, and wreaked havoc over the holiday weekend.
What is Kaseya VSA?
Kaseya VSA, a software commonly used by MSPs to manage their clients’ entire IT environments, was used during a massive cyber attack delivering ransomware to thousands of organizations across the globe. Kaseya VSA is the industry’s only unified RMM solution that allows MSPs to maintain, automate, collect information, and patch IT equipment via a remote centralized interface.
According to Kaseya, the attack was carried out by exploiting a vulnerability in its software. On Friday, July 2, 2021, Kaseya released a statement that recommended that any business or organization using Kaseya VSA shut down the system immediately. The Cybersecurity and Infrastructure Security Agency (CISA) released a statement asking businesses and organizations to follow the released guidance in Kaseya’s statement.
Ransomware Attack by REvil
According to multiple reports, the attackers are a Ransomware-as-a-service (RAAS) group called REvil (aka Sodinokibi). REvil compromised approximately 50 corporate clients of Kaseya, all IT management companies. Due to the holiday weekend, most of Kaseya’s IT staff were away from the office, providing the cybercriminal group with the perfect opportunity to strike. The full scope of the attack is not known at this time, but once REvil had access to Kaseya and their corporate clients, they gained access to the customers of those clients as well, affecting about 1,500 businesses. These affected businesses include dentists’ offices, accounting offices, and restaurants, to name a few.
On Monday, July 5, 2021, the attackers requested a $70 million payment in bitcoin in exchange for a decryption key to helping victims recover data from the ransomware attack. REvil was also responsible for the attacks on JBS Foods last month, an Apple supplier called Quanta Computer in April, and an electronics maker called Acer in March.
Our Partners are Safe
Safe Network Solutions does not use Kaseya products to manage our partner’s networks, which is why our partners are safe from this ransomware attack, and we remain vigilant and watchful for incidents like this. We participate in the CISA communications, and we routinely review our processes to ensure we follow the best practices required by CISA and the FBI. We deploy sophisticated tools with multiple layers of protection that include AI and independent backups to address Zero-day events such as this one.
For us to succeed, our partners must succeed. We are in this together! If you have any questions or concerns, please reach out to us so one of our experts can discuss this further with you. Call us at (615) 522-0080.
Safe Network Solutions is a technology consulting firm located in Nashville, TN. We are focused on reducing our Clients’ stress and the time they spend handling IT related issues. As technology has become more integrated with daily business tasks, downtime is not an option. Whether your systems reside on-premise, in the cloud, or in a hybrid setup, you need a partner with expertise in a wide array of technologies, with a security focus.