Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

Kaseya Ransomware Attack: 10 Things MSPs Must Do To Protect Themselves

From scrutinizing the security of acquired assets and pen testing software development environments to limiting how much access MSPs have to customers, here’s what Black Hat 2021 attendees said MSPs should do following the Kaseya ransomware attack.

1   2   3   ... 11 Next

Preparing For Next Time

The REvil gang pulled off one of the biggest ransomware heists in years, exploiting a vulnerability in Kaseya’s on-premise VSA remote monitoring and management (RMM) tool to compromise nearly 60 MSPs and encrypt the data and demand ransom payments from up to 1,500 of their end user customers.

Kaseya said the cybercriminals were able to exploit vulnerabilities in its VSA tool to pass authentication and run arbitrary command execution. This allowed REvil to leverage the VSA product‘s standard functionality and deploy ransomware to customer endpoints. The Kaseya ransomware attack also left more than 36,000 MSPs without access to the company’s flagship VSA product for nearly 10 days.

CRN spoke with 10 C-suite executives and threat researchers during Black Hat USA 2021 about what MSPs must do following the Kaseya ransomware attack. From scrutinizing the security of acquired assets and conducting pen tests in software development environments to putting east-west segmentation in place and limiting the access MSPs have in customer environments, here’s what experts recommend.

1   2   3   ... 11 Next

sponsored resources