How the Attack Occurred
The FBI described the attack as a “supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software.” Simply put, a supply-chain attack places malicious code in trusted software, so that trojans or backdoors reach the recipients of the infected software. This specific attack targeted Kaseya’s virtual systems/server administrator (VSA) software and exploited several vulnerabilities in it, inserting ransomware into the system through a fake management agent update.

The Scope and Fallout of the Attack
In a July 6th press release, Kaseya stated that “while impacting approximately 50 of Kaseya’s customers, this attack was never a threat nor had any impact to critical infrastructure.” Yet the Kaseya ransomware attack has been called “the biggest non-nation state supply chain attack ever, and possibly the second biggest ransomware attack ever.” The full scope of those affected by the ransomware attack is not known, since many of the businesses affected were clients of Kaseya’s customers. Businesses affected by the breach included many SMBs across multiple industries, hundreds of supermarkets in Sweden, and about a dozen schools and kindergartens in New Zealand. The security firm ESET reports the most impacted countries were the United Kingdom, South Africa, Canada, Germany, the United States, and Colombia.

What This Means for SMBs
The volume of cyberattacks continues to rise, and cybercriminals have become more sophisticated and organized. Recent ransomware attacks demanded, and received, millions of dollars. Large corporations like meat processor JBL paid $11 million, and Colonial Pipeline made a $4.4 million ransomware payment. Because many small businesses cannot afford their own IT departments, they are especially vulnerable. Ransomware attacks can be crippling for a business: they can shut down computers, potentially wipe out all of its files remotely, and bring devastating financial effects.

Quality Cybersecurity Services Can Protect Businesses
With the Kaseya attack displaying yet again how vulnerable systems can be manipulated, it’s more important than ever that small businesses acquire strong cybersecurity services from a secure and trusted MSP. Partnering with a quality, experienced MSP to administer and maintain cybersecurity services can help protect your business from ransomware and other cybersecurity attacks. An MSP can implement the proper security tools and provide training to stay ahead of and recover from ransomware attacks. MSPs offer a variety of services that will provide you with the protection your business needs.

- MSPs ensure businesses follow proper backup solutions and schedules.
- MSPs can perform penetration tests to check for vulnerabilities or unpatched software.
- An MSP can send mock phishing or suspicious emails to test if employees click on links or download attachments, helping train the organization’s employees on safe cyber practices.