Posted by on

Although SpireTech uses Kaseya software for systems management, neither SpireTech or our customers were victims of the latest headline news breach.  Our response, analysis of the hack, explanation of why  we were not affected, and plans moving forward are below. 

Background 

Kaseya makes software for IT systems management.  It is used by enterprises and managed service providers alike to streamline technician effectiveness, enabling a few technicians to manage thousands of systems at scale, including patch management, health monitoring, and providing helpdesk services.  Kaseya, based in Miami Florida, is one of the largest vendors of this type of software.  SpireTech has been using Kaseya software for over ten years. 

Initial response 

We sent the following notification to VIPsupport client key contacts on Friday afternoon:  

On Friday 7/2/21 at 12:48pm PT we were notified by our Remote Monitoring & Management vendor, Kaseya, of an active security incident involving their software being used to deploy ransomware, and advising us to shutdown our management server until security experts can determine the cause. 

We have shutdown our server under the presumption this will protect us (and you), and are actively monitoring our Sophos Intercept-X software for indicators of compromise – and at this point, there are none.   

  Read more...

Posted by on
To effectively monitor and manage their client’s systems MSPs (Managed service providers) often establish remote connections to all their client’s networks. Unfortunately, those multiple connections make MSPs a prime target for ransomware and hacking.