Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC NetApp Digital Newsroom WatchGuard Digital Newsroom Cisco Partner Summit Digital 2020 HPE Zone The Business Continuity Center Enterprise Tech Provider Masergy Zenith Partner Program Newsroom Hitachi Vantara Digital Newsroom IBM Newsroom Juniper Newsroom Intel Partner Connect 2021 Avaya Newsroom Experiences That Matter The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

Kaseya Ransomware Attack: 10 Things MSPs Must Do To Protect Themselves

From scrutinizing the security of acquired assets and pen testing software development environments to limiting how much access MSPs have to customers, here’s what Black Hat 2021 attendees said MSPs should do following the Kaseya ransomware attack.

1   2   3   ... 11 Next

Preparing For Next Time

The REvil gang pulled off one of the biggest ransomware heists in years, exploiting a vulnerability in Kaseya’s on-premise VSA remote monitoring and management (RMM) tool to compromise nearly 60 MSPs and encrypt the data and demand ransom payments from up to 1,500 of their end user customers.

Kaseya said the cybercriminals were able to exploit vulnerabilities in its VSA tool to pass authentication and run arbitrary command execution. This allowed REvil to leverage the VSA product‘s standard functionality and deploy ransomware to customer endpoints. The Kaseya ransomware attack also left more than 36,000 MSPs without access to the company’s flagship VSA product for nearly 10 days.

CRN spoke with 10 C-suite executives and threat researchers during Black Hat USA 2021 about what MSPs must do following the Kaseya ransomware attack. From scrutinizing the security of acquired assets and conducting pen tests in software development environments to putting east-west segmentation in place and limiting the access MSPs have in customer environments, here’s what experts recommend.

1   2   3   ... 11 Next

sponsored resources