News has spread regarding a supply-chain ransomware attack using the Kaseya Remote Management and Monitoring tool (RMM) known as Virtual System Administrator (VSA). Kaseya has over 36,000 VSA customers around the world, Computer Superheroes being one of them.
Mid-morning on Friday, July 2nd, we began receiving reports that a few Kaseya customers using the VSA product were hit with a ransomware attack that spread from their VSA instance to the endpoint systems they service – affecting about 1000 businesses worldwide. Each of the VSA customers that were attacked were hosting their own server in-house and were running older versions of the VSA platform. Our VSA is hosted in the Kaseya Managed Cloud (SaaS) and is updated and patched weekly. Kaseya immediately took steps to prevent the spread of the attack to their SaaS cloud infrastructure by shutting down all communications between the VSA and the managed endpoint systems. Kaseya has not had any reports from its SaaS customers that any systems have been affected by this attack and have since stated that SaaS customers like us “were never at risk”. We are happy to report that we also have strong evidence that our customers remained safe and have not been affected by this attack. We have taken steps with your security software to block execution of the known files that deploy the ransomware.
To read Kaseya’s official update on this issue, please click here.