https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Getty Images

Start slideshow

Kaseya VSA Ransomware Attack, SolarWinds Hack Share Many Similarities

  • Written by Edward Gately
  • July 7, 2021
Kaseya is preparing its customers for the planned release of its patch for VSA on-premises.

Last weekend’s Kaseya VSA supply chain ransomware attack and last year’s giant SolarWinds hack share a number of similarities.

So says Jerry Ray, COO of SecureAge, and Corey Nachreiner, chief security officer of WatchGuard Technologies.

The Kaseya attack breached about 50 customers, including 35 MSPs, and penetrated or directly impacted up to 1,500 downstream businesses.

The attackers breached Kaseya VSA, the company’s remote monitoring and management (RMM) service. All of the MSPs were using the VSA on-premises product.

On Wednesday, Kaseya said it’s preparing its on-premises customers for the planned release of its patch for VSA on-premises. In addition, it should restore its VSA SaaS by Thursday evening.

Sinister Point of Compromise

Ray said the attacks on Kaseya and SolarWinds share the most “sinister point” of compromise. That’s the trust between a vendor and a client.

SecureAge's Jerry Ray

SecureAge’s Jerry Ray

“As for the similarity between the two, it appears to be another supply-chain attack, wherein the attack on an upstream vendor’s product led to the compromise of downstream customers,” he said. “Key among the differences, however, is that the exploit of the Kaseya VSA product led to the injection of ransomware into the endpoints managed by Kaseya VSA on-premises users, while the SolarWinds attack led to data exfiltration.”

Kaseya claims the number of victims is relatively small when you compare it to SolarWinds, Ray said.

The size of the Kaseya VSA attack will be measured in either the ransom paid or the cost of data recovery and restoration, Ray said.

“The data exfiltrated and systems monitored through the SolarWinds attack could ultimately cost infinitely more,” he said. “The ultimate intention or use of the data may not be realized for months or years.”

Zero-Day Vulnerabilities

Nachreiner said both SolarWinds and Kaseya seem to involve zero-day vulnerabilities in a software package used for monitoring and management that are popular among IT professionals.

WatchGuard's Corey Nachreiner

WatchGuard’s Corey Nachreiner

“That said, the Kaseya attack mainly targets MSPs, which wasn’t the case with SolarWinds,” he said. “There were many other MSP-targeted ransomware attacks in 2019. I believe this attack has more similarities with some of those past MSP ransomware attacks.”

Dave MacKinnon is N-able‘s chief security officer.

N-able's Dave McKinnon

N-able’s Dave MacKinnon

“The adversarial pivot to supply-chain-based attacks for delivering ransomware underscore the role we all must play in helping to keep each other protected,” he said. “MSPs, in particular, provide a variety of services to help protect and secure their customers. But if a cybercriminal gets into one MSP system, they can easily find themselves holding the key to a kingdom of SMEs in one fell swoop.”

It’s key to keep in mind that this can happen to anyone, at any time McKinnon said.

“As technology vendors, we have to realize we’re all potential targets, and the risks are steep,” he said.

Our slideshow above features more commentary on the Kaseya attack.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: MSPs Cloud EMEA Galleries Intelligence RMM/PSA Security Technologies

Most Recent


  • CwCJ Feature Size
    Coffee with Craig and James Episode No. 114: Zayo Group, Telarus Partner Summit
    We take a deep dive into the Zayo partner program with channel leader Lynn Tinney.
  • Revamping
    As Broadcom Deal Looms, VMware Revamps Partner Connect in a Big Way
    What’s coming and when? Find out. Hints: New methods of compensation, progression, more focus on services.
  • Twenty, 20
    The CF List: 2022's Top 20 CCaaS Providers You Should Know
    AI is a game-changer in CCaaS.
  • Job cuts
    Malwarebytes Layoffs Impact Workers as Part of Strategy Shift
    The layoffs aren't a reaction to market conditions.

One comment

  1. Avatar mnchstr July 8, 2021 @ 5:56 am
    Reply

    Is connectwise next?

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Merger Rumor
    Latest M&A Chatter Involves Avast-NortonLifeLock, Intel
  • Funding
    Auvik Secures $250 Million in New Funding from Great Hill Partners
  • Latest update
    Forescout Updates Envision Partner Program to Improve Profitability, Predictability
  • Convergence
    Build, Buy or Broker? Channel Partners Tackle Evolving Technological Demands

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

As Broadcom Deal Looms, VMware Revamps Partner Connect in a Big Way

August 18, 2022

The CF List: 2022’s Top 20 CCaaS Providers You Should Know

August 18, 2022

Skyhigh Security Adds Nutanix, Dell Vets to Channel Leadership Team

August 18, 2022

Industry Perspectives

View all

How to Take Shared Responsibility for Securing Cloud

August 11, 2022

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

Microsoft Targeting Partners to Sell Teams, Windows 365 to SMBs, More

August 15, 2022

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

Twitter

ChannelFutures

#CoffeeWithCraigandJames features Lynn Tinney of @ZayoGroup and @patrickoborn of @Telarus. dlvr.it/SWsl0t https://t.co/YjWTOIdJwm

August 18, 2022
ChannelFutures

The @TDSYNNEX personnel changes and restructure begs the question: is this the death of communities, or rather an e… twitter.com/i/web/status/1…

August 18, 2022
ChannelFutures

.@Infobip, @bandwidth and @Avaya have earned top spots as #CPaaS providers, according to @SW_Reviews.… twitter.com/i/web/status/1…

August 18, 2022
ChannelFutures

From mentorship to DE&I efforts, channel leaders from @ScienceLogic and @Lenovo speak about women's leadership.… twitter.com/i/web/status/1…

August 18, 2022
ChannelFutures

[email protected] Security adds @nutanix, @DellTech vets to channel leadership team. #cybersecurity dlvr.it/SWsDTq https://t.co/X5z7tCiATx

August 18, 2022
ChannelFutures

.@Malwarebytes layoffs impact 125 workers as part of shift in GTM strategy. #cybersecurity dlvr.it/SWsBl6 https://t.co/8fo2BtnfAr

August 18, 2022
ChannelFutures

Get ready for the inside scoop on @VMware’s changes to @VMware_Partners. #PartnerConnect is getting some big enhanc… twitter.com/i/web/status/1…

August 18, 2022
ChannelFutures

Our latest #CFList highlights top #CCaaS providers, with @Avaya, @Microsoft, @8x8, @Vonage, @Five9, @awscloud,… twitter.com/i/web/status/1…

August 18, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X