You may have heard about the ransomware breach at Kaseya VSA, a remote monitoring and management (RMM) product with U.S. headquarters in Miami. As a provider of managed IT services and cyber security, Internos does provide RMM to clients. However, we do NOT use Kaseya VSA, so Internos clients are NOT impacted by the Kaseya breach.
Impacted or not, with every breach, there are important lessons to be learned. So, we’ll take this opportunity to talk about the importance of remote monitoring and management (RMM) and how it is used to protect your business.
What Is Remote Monitoring and Management (RMM)?
Managed service providers need access to all your computers, networks and other endpoints, wherever they may be and at pretty much any time. It is how we respond to helpdesk tickets, proactively monitor your endpoints, apply updates and patches, and more. Sometimes called network management or network monitoring, RMM installs an “agent” on every endpoint that sends information about the endpoint’s health and status back to the MSP. The managed service provider can then monitor and make changes without ever needing to physically touch the endpoint. With remote and hybrid work on the rise, remote IT management is now a critical component of cyber security and IT management.
What Happened With the Kaseya Breach?
Kaseya VSA is one RMM product used worldwide. Hackers were able to exploit a zero-day vulnerability and infect thousands of machines around the world with ransomware. A zero-day vulnerability is a previously unknown weak spot that allows access to the system. The full impact of the breach, which began July 2, is not fully known but it is estimated to have impacted 800 to 1,500 small to medium-sized businesses.
When the attack was first discovered, Kaseya instructed companies with VSA installed to shut down their VSA servers immediately. Kaseya pulled its data centers offline and shut down their SAAS servers to minimize the impact. A fix for the vulnerabilities that led to this breach is expected in the next Kaseya VSA update.
>>Know what to do in a ransomware attack with this free checklist
Is My Company Impacted by the Kaseya VSA Breach?
Internos Group does not use Kaseya VSA for its RMM tool. That means no Internos clients were directly impacted by this breach. It is always a good idea to check in with your MSP after any breach to discuss additional protection steps that might be recommended in case a vendor or other company you do business with was impacted.
What About Potential Future RMM Breaches?
Because breaches like Kaseya exploit previously unknown weaknesses, they can’t be prevented entirely. That’s why it is important not to put all your cyber security in one basket. Internos Group layers IT and cyber security solutions to provide fail-safes and fill gaps. On top of that, Internos engineers proactively monitor your systems 24×7 to immediately react to any breach alerts or suspicious activity.
>>Not sure what to look for in an MSP? Get the checklist
At Internos, we continuously evaluate the threat landscape and modify our processes and tools to meet those threats and keep your endpoints safe. While we were not affected by this breach, we are very vigilant about this type of attack against our industry. Our CTO, Richard Blanco, is a member of multiple security groups to monitor this type of attack and stay up to date. We also belong to a national peer group with multiple engineers who constantly work together to stay safe and keep our clients secured.
If you are a current client, reach out with any questions or concerns through your account manager or any of your normal communication channels.
Not an Internos client yet? Contact us or book a meeting to learn how Internos can protect your business from downtime, data loss, cyber attacks and other business disruptions.