Last weekend’s Kaseya VSA supply chain ransomware attack means customers won’t have access to the company’s remote monitoring and management (RMM) service until Sunday.

The Kaseya ransomware attack breached about 50 customers, including 35 MSPs. It also penetrated or directly impacted up to 1,500 downstream businesses.

In his latest briefing, Fred Voccola, Kaseya’s CEO, said VSA, both on-premises and SaaS, should be back up at 4 p.m. ET on Sunday. Both were previously expected to be back up this week.

“That’s a long time to be down,” he said. “I understand this. It’s my decision to do this. It was my decision and no one else’s decision to pull the release from yesterday that we had committed.”

Kaseya Ransomware Attack Prompts Additional Layers of Protection

All of the VSA vulnerabilities exploited during the Kaseya ransomware attack are locked, Voccola said. However, it was suggested that additional layers of protection should be added “for things we might not be able to foresee.”

Kaseya’s Fred Voccola

“We decided to pull it for an additional three-and-a-half days to make sure that it is hardened as much as we feel we can do for our customers,” he said. “The fact that we had to take down VSA is very disappointing to me very personally. I feel like I let this community down. I let my company down. Our company let you down. It sucks and I don’t want anyone to think that we are not taking this as seriously professionally as anything we’ve all had to do.”

Kaseya has also published a runbook of the changes to make so on-premises VSA users have a head start and can prepare for the patch, Voccola said.

“We love our customers,” he said. “It pisses me off when we do things to hurt them, especially when it’s something like this where we’ve fallen victim to criminal acts and it’s impacting everyone.”

Financial Assistance for Attacked MSPs

In addition, Kaseya is rolling out a program closely modeled after Kaseya CARES. That program launched during the pandemic to provide financial and other assistance to MSPs.

“We will be providing direct financial assistance to MSPs who have been crippled by these evil people and the new adversaries that we face,” Voccola said. “We will also be spending millions of dollars working with third-party consulting companies [and] our own professional services team, providing licenses, delays of payment and other means to address every one of you who have been down for the past several days and for the next several days.”

Throwing money at problems does not always solve them, he said.

“We get it,” Voccola said. “It’s better than not throwing money at them, but it doesn’t solve them. We’re doing what we can do. I assure you no one at Kaseya wanted this to happen. None of you wanted this to happen.”

The FBI, the Department of Homeland Security (DHS) and third-party consultants have been working with Kaseya and advising it on what it needs to do to bring back VSA successfully.

“I want to thank everyone for their patience,” Voccola said. “I’ve spoken to well over 100 of you folks. I wish I could speak to all of you. We’ll be back. Our products will be up in a couple of days, and it will be exponentially more secure than it was. And we’ll continue to invest in the time and people to help make sure that you, our customers, are successful.”