Ransomware Rampage

The REvil gang has pulled off one of the biggest ransomware heists in years, exploiting a vulnerability in Kaseya’s on-premise VSA remote monitoring and management tool Friday to compromise nearly 60 MSPs and encrypt the data and demand ransom payments from up to 1,500 of their end user customers.

For the Kaseya customers who weren’t themselves compromised, the attack left more than 36,000 MSPs without access to Kaseya‘s flagship VSA product for at least four days as the company worked on a patch for the on-premises version of VSA and kept the more widely-used SaaS version of VSA offline as a precautionary measure.

Victims of the attack span 17 countries, with the United States, Germany, Canada, Australia, and the U.K. most heavily represented. From the largest ransom demand of all-time to a potentially linked attack on Microsoft cloud customer apps via Synnex to how this compromise was nearly avoided altogether, here’s a look at 10 vital things the channel community should know about the Kaseya cyberattack.