On the heels of last year's SolarWinds attack, cybercriminals continue to make headlines, with the most recent attack occurring on Kaseya VSA products affecting approximately 50 MSPs and up to 1,500 downstream organizations across the globe.
iGLASS does not use Kaseya VSA products, and has not been impacted by this attack. With that said, it’s important to understand what happened and how you can protect your own organization going forward.
On July 2, 2021, cybercriminals attacked and penetrated Kaseya’s VSA software, which is used to manage IT infrastructure for thousands of SMB clients.
These hackers turned the Kaseya software into a “Trojan Horse,” using it to deploy ransomware to Kaseya’s MSP customers (and thousands of their customers), locking the victims’ computers and demanding payments to unlock them. To their credit, Kaseya took swift action to mitigate the attack and limit the number of MSP customers affected.
You can read the official report and updates from Kaseya here.
How you can protect your own organization
Of course, preventative measures are important as they reduce the risk of a ransomware infection. But, if they fail, a well-planned incident response plan helps your organization take immediate action to reduce the severity (and cost) of an attack, much like Kaseya's plan helped them respond to this attack.
Having a security incident response plan outlines critical steps like containing the infection (ransomware likes to spread), engaging legal counsel and insurance providers, communicating with clients and partners, conducting analysis, and restoring operations.
The United States Cybersecurity & Infrastructure Security Agency, in conjunction with the Federal Bureau of Investigation have extensive resources available to help you protect your business.