Kaseya working to get systems back online

Kaseya has been updating MSPs and users in the wake of the high-profile ransomware attack and is moving closer to getting its VSA systems back online.

The firm was hoping to get things back online last night but had to revise its timetable because of an issue discovered during the VSA software-as-a-service (SaaS) deployment.

It also provided a wider update about the progress it has made to remedy a ransomware attack launched by Russian hacking group REvil last weekend.

Kaseya reassured MSPs and customers that the attack had had limited impact, with only about 50 of more than 35,000 customers being breached.

Even with those breaches, the attack never posed a threat to critical infrastructure and of the 800,000 to one million local and small businesses that are supported by MSPs using Kaseya technology, only 800 to 1,500 have been compromised.

“Our global teams are working around the clock to get our customers back up and running,” said Fred Voccola, CEO at Kaseya. “We understand that every second they are shut down, it impacts their livelihood, which is why we’re working feverishly to get this resolved.”

Kaseya is not working on the problem alone and in the US has been in discussions with the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security and the White House. The business has also been collaborating with incident firm FireEye Mandiant IR.

“This is a collaborative effort to remediate the issue and identify the parties responsible so they may be held accountable,” said Voccola. “We are beyond grateful for their assistance in getting our customers back online. The immediate action-oriented and solution-based approach of CISA and the FBI, with tremendous overall support from the White House, has proven to be a huge help in ensuring that this attack led only to a very small number of impacted customers.

“While each and every customer impacted is one too many, the impact of this highly sophisticated attack has proven to be, thankfully, greatly overstated.”

The Kaseya attack has reminded the managed service community of its responsibility to remain vigilant against potential attacks.

Forrester analyst Allie Mellen said ransomware was one of the unfortunate consequences of living in a connected world.

“Globalisation has brought with it many positives from easy access to new markets, new talent and new cultures,” she said. “However, it also makes us more susceptible to far-reaching attacks, as showcased by the Kaseya ransomware attack.

“This attack not only affected Kaseya direct customers, but also the many clients of their customers. The third-party impacts of ransomware and other cyber attacks are taking centre stage this year and show how important it is to work with trusted partners.”