Another malicious cyber attack was reported just before the July 4 holiday weekend. This one hit close to home here at Gross Mendelsohn. Before I go into the details, rest assured that we were not affected.
This massive ransomware attack is one of many recent incidents that provides further proof that every business needs to take cyber security seriously, and put measures into place to prevent a disastrous attack.
This incident is another example of a supply chain attack: bad actors using tools meant for legitimate purposes, used to cause harm.
What Happened In the Attack?
This cyber attack targeted remote monitoring and management provider Kaseya.
Specifically, the hackers went after Kaseya’s VSA (virtual system/server administrator) product, which is used by thousands of companies worldwide to monitor and manage their IT infrastructure. These tools allow IT administrators to automate many processes and keep systems up to date. They let IT administrators know about hardware and software issues early on, before they become more serious. Essentially, Kaseya’s tools enable IT staff to do more and do it efficiently. That’s why the VSA tool is a target for cyber attackers who want to wreak havoc or make money illegitimately.
The hackers used Kaseya’s monitoring and management tool to inject ransomware into this trusted service. That, in turn, allowed them access into many more systems.
The good news is that Kaseya was on top of this situation. The company noticed the issue quickly, notified their clients and law enforcement, and initiated an all hands on deck response to this threat.
How Did We Respond at Gross Mendelsohn?
We use Kaseya’s products at Gross Mendelsohn and responded just as quickly.
First, we disabled all access to our VSA server. Then, we worked with Kaseya to check for indicators of compromise and verify we were not affected. We will continue to work with them until the incident is resolved.
Our firm uses every safeguard that Kaseya offers and has additional measures in place to protect our IT infrastructure and client data. Other than shutting down our remote management services briefly, we are not part of this compromise. We take security very seriously.
Additional Resources
You might be interested in the following resources from Gross Mendelsohn and the Cyber Security & Infrastructure Security Agency:
- How to Protect Your Business From Ransomware
- 5-Minute Guide to Cyber Security
- What Business Owners Need to Know About Cyber Insurance
- 5 Best Practices for Making Cyber Security Less Scary
- Schedule Your Free Cyber Security Assessment With Gross Mendelsohn
- Kaseya VSA Supply-Chain Ransomware Attack
Need Help or Have Questions?
Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a free cyber security assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.
