ALL >> General >> View Article
Kaseya Ransomware Attack
WHAT WE KNOW
Enterprise tech firm, Kaseya, has confirmed within the past 24 hours that approximately 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware.
It appears that the attackers carried out a supply chain ransomware – click to read more.
The US has launched an investigation as gang demands giant $70 million payment. Kaseya worked with the FBI and CISA on Monday evening to discuss systems and network hardening tasks prior to restoring services for its SaaS and on-premises customers.
IMPORTANT INFORMATION
If you happen to be an NSA/Datto client, you should not be impacted & continue to have your automated back-ups run as usual. Datto disconnected any Kaseya RMM links to their backup solutions to prevent even a remote possibility of an infection.
WHO DOES THIS IMPACT
ANY NSA OR TUG MEMBERS THAT MAY BE USING THE ON-PREMISE VERSION OF KASEYA’S REMOTE MONITORING SOLUTION, PLEASE TAKE NOTE OF A RECENT ATTACK ON KASEYA AND STEPS TO TAKE IF YOU’RE AFFECTED.
ACTIONS TO TAKE IMMEDIATELY
Kaseya ...
... urges customers to immediately shut down VSA server (Ransomware: Paying up won’t stop you from getting hit again, says cybersecurity chief)
Kaseya has developed a patch for customers running VSA on their own servers and should be available after SaaS servers are brought back online last night, Kaseya said in an update.
Kaseya also released a new, free comprise detection tool that customers can use to check networks and computers. The new version searches for indicators of compromise, data encryption, and the REVil ransom note. “We recommend that you re-run this procedure to better determine if the system was compromised by REvil,” Kaseya said. “A set of requirements will be posted prior to service restart to give our customers time to put these counter measures in place in anticipation of a return to service on July 6th.”
UPDATES FROM KASEYA:
“To date, we are aware of fewer than 60 Kaseya customers, all of whom were using the VSA on-premises product, who were directly compromised by this attack. While many of these customers provide IT services to multiple other companies, we understand the total impact thus far has been fewer than 1,500 downstream businesses. We have not found evidence that any of our SaaS customers were compromised.” Kaseya said in an update on the attack.
HOW DID THIS HAPPEN?
The attackers exploited a previously unknown flaw in Kaseya’s VSA software, which is used by MSPs and their customers. VSA is remote monitoring and management software, which is used to manage endpoints, such as PCs, servers, and cash registers, as well as manage patching and security vulnerabilities.
On Sunday, the attackers asked for $70 million in exchange for a universal decryption tool that would supposedly resolve the REvil issue for Kaseya and its customers.
Kaseya noted that it had not received reports of VSA customers that had been compromised since Saturday. It says that no other Kaseya products were compromised.
While Kaseya’s software-as-a-service (SaaS) line of VSA was not affected, its servers were taken down during the incident response and remain offline today.
Thank you and please contact NSA with any questions!
NSA has been helping companies get the most out of their ERP and has continually exceeded client expectations by providing the best service and support. For More Info : Visit Here : https://www.nsacom.com/
Add Comment
General Articles
1. Magento Developers Melbourne: Your Trusted Partner For Magento Web DevelopmentAuthor: themerchantbuddy
2. How Can E-commerce App Development Help Your Business?
Author: Comfygen
3. The Best Baby Cot Mattress For Summer In Australia: Keep Your Baby Cool And Comfortable !
Author: Milari Organics
4. How Might An Amazon Fba Prep Service Center Help You Streamline Your Business?
Author: 3pshipping6
5. Reviving Artisanal Craftsmanship – Why Handmade Products Matter More Than Ever
Author: Chaitanya Kumari
6. What To Look For In A New York Labor And Employment Law Firm
Author: jewellansing792
7. 50 Years Of Long-lasting Performance
Author: Busch Vacuum Solutions
8. Optimize Healthcare Revenue Cycle: Strategies For Financial Success
Author: Albert brown
9. Offres Exclusives Pour Vos Voyages En Inde Du Nord — Économisez Jusqu’à 30% — Réservez Dès Maintenant!
Author: yatika
10. 200-hour Weekend Yoga Teacher Training Course (yttc) In Bengaluru: A Pathway To Mastery In Yoga
Author: Yogakulam Academy
11. Understanding Patient Behavior: The Importance Of Market Research In Healthcare Marketing
Author: Adomantra
12. Ensuring Safety And Privacy: The Advantages Of Close Protection Services In Dubai
Author: Shancy
13. Thermodynamic Steam Traps: A Compact Solution For Maximum Performance
Author: David John
14. Best Accounting Service In California – Mj Financials
Author: maria jeffery
15. Best Astrologer In Hosahalli
Author: Pandith Keshav Das