The Kaseya Attack 2021
By now you have heard of the Kaseya Attack. This comes less than a year after the SolarWinds attack. Kaseya provides an RMM (or “remote monitoring & management”) toolset that helps internal IT and external Managed Services Providers administer networks and related devices. In this post, we’ll talk about:
- What you need to know
- What you already need to be doing
- What you’ll be able to do about this in the near future
You need to worry about security the most when things are calm. If you start caring about security during an attack, it’s already too late.
Stay Prepared, My Friend
As a small business, you cannot easily build your own monitoring & management software. Often, the cost of even one adequate IT person is far more than the cost to outsource IT to a dedicated team (i.e., a Managed Services Provider). Therefore, the software vendors and external IT companies are both friend and foe. They help you stay competitive, but they also present a significant risk.
Skimping on backups is the single greatest mistake you can make. You need system-wide, bare metal backups stored redundantly in the cloud. If you have these, you can almost always recover your data in under a day and avoid paying ransoms.
No basketball team playing in the NBA Finals goes into the series without a playbook, training, and game plan. Make no mistake; if you are in business and generating more than $1m/year in revenue, then hackers consider you as playing in the big leagues.
Develop a Written Information Security and Acceptable Use Policy, at an absolute minimum. Also, cyber training is unforgivably low cost these days, both as an upfront investment and when weighed against the opportunity costs arising from a successful attack.
You hire some bright people, but unless you’re in the IT field, they’re not security experts. Use AI to eliminate human error. Email is your biggest threat; 94% of malware attacks start here. And it is literally as cheap as $3/user to protect.
Wouldn’t it be nice if you knew a guy?
First of all, if you’re an Accellis client, you’re in luck. We don’t use Kaseya. If you don’t use Accellis and are wondering if you are safe, ask your internal IT or external MSP if they use Kaseya’s server-hosted edition; if so, turn it off immediately and wait for more information on patching.
A long-term trend you need to know about is the move to Microsoft Endpoint Manager (formerly “Microsoft Intune”). Here at Accellis, we are migrating our clients to MEM to eliminate failure points such as industry RMMs like SolarWinds and Kaseya.
Microsoft invests more than $1b annually in security. And unlike Kaseya, MEM is something you, not your MSP, own. MEM gives you cloud imaging, Mobile Device Management, Mobile Application Management, Update Management, Scripting, and more.
If you are in need of cybersecurity services, give us a call today. Our highly credentialed staff can help with:
- Free and paid IT, security, and risk assessments to evaluate your preparedness for an attack.
- AI-based anti-spam, anti-spear phishing, anti-spoofing, anti-impersonation, domain fraud & account takeover protection.
- Backup & DR: bare metal backups for your entire network, including databases and desktops, with offsite cloud retention.
- We have a few key partners that can get you the coverage you need.
- Security Operations Center aaS with 24×7 monitoring, alerting, and logging fully managed by security personnel.
- Defender for Endpoint: modern, agentless antivirus with built-in DNS protection and Endpoint Detection & Response.
- Fully deployed remote monitoring & management solution for cloud imaging, MDM, and MAM that you own.
- We can evaluate your policies, fill in the gaps, or write them from scratch.