MSPs Need To Be Prepared
The Kaseya ransomware attack that struck over the July 4 weekend was devastating to many companies facing the prospect of paying the ransom to notorious ransomware operator REvil or risk losing access to their data.
However, no matter how bad the situation seems at first, there are several steps MSPs can take to help mitigate the fallout, said Kyle Hanslovan, co-founder and CEO of Huntress Labs, an Ellicott City, Md.-based provider of MSP-focused cybersecurity technology.
In a Tuesday webinar that looked at the origin of the Kaseya ransomware attack and its aftermath so far, Hanslovan said the cyberattack against Kaseya’s MSPs generated a lot of fear, uncertainty and doubt.
“Yes, it’s bad,” he said. “Yes, in one day I don’t believe there’s ever been a time where 1,500-plus companies were encrypted. Is this the worst incident? Yes, the worst incident until tomorrow, until something else. The CCleaner back door, that could have been worse than this. [The March] Exchange [attack] could have been worse than this. It just happened to be these attackers were crazy efficient.”
The key for MSPs is needing to know what to do—and equally as important what not to do—in response to the attack. Hanslovan, along with Huntress Labs Senior Security Researcher John Hammond, Huntress Security Researcher Caleb Stewart and Tom Lawrence, president of Lawrence Technology Services, a Southgate, Mich.-based MSP, gave attendees of the webinar several tips to help them quickly respond to the incident and to be prepared for the next.