Juern Technology, Data Breach, Kaseya Hack

Strategically choosing the holiday weekend to deploy their attack, hackers used a single product (VSA) of a software company to gain access to as many as 1,500 businesses worldwide according to the software company at the epicenter of this attack. Even if this isn’t the largest hack ever recorded, It will likely change the future of how businesses think about protecting their company’s IT network forever.

It all came down to a zero-day software vulnerability. That is how the bad actors, affiliates of Russian-linked ransomware gang REvil used U-S-based software company, Kaseya, as a back door to hundreds of unsuspecting businesses in spite of their best attempts to protect themselves from ransomware. In a recent interview, CEO of Kaseya, Fred Voccola rightfully shared the quote “even the best defense gets scored on,” because it’s not a matter of if a business will get attacked, but when. And in this case, the breached software company was able to contain the breach because of the way they compartmentalize their own systems and layer their architecture.

Kaseya, sells IT management software tools to Managed IT Services Providers (MSP) helping them to remotely monitor and manage the security and performance of networks for other businesses. Once the hacker group gained access to the IT provider’s accounts with Kaseya, they proceeded to access hundreds of downstream customer IT networks and encrypt their data, many businesses have no doubt been forced to shut down operations.

“As widely reported, nation-state hackers have succeeded in attacking IT companies and using their tools to run ransomware on their customers. This was reported to be a supply chain attack, but that was incorrect. The hackers exploited a zero-day vulnerability in the Kaseya VSA software and then weaponized the IT tools to run the ransomware. This just amplifies the need for zero-trust security. More layers have to be added and less trust allowed to stop these attacks.” 

– Neal Juern, President/CEO of Juern Technology

 

Related: What You Think Your Anti-Virus Does And What It Actually DOESN’T Do

 

How Can Attacks Like The Kaseya Hack Be Prevented?

Simply put, by adding MORE security layers. The scary truth is, the IT industry is not regulated (yet), and as a business owner, you are forced to trust that the IT provider you hired to protect your data is doing everything they possibly can to protect your organization’s most valuable asset – your data. Unless your Managed IT Service Provider specializes in cybersecurity and provides you with zero-trust security using next-gen cybersecurity software and practices, your business is low-hanging fruit for attacks like this one.

Zero-trust security is an approach to protecting an IT network that relies on 24/7 proactive security monitoring, carefully placed permissions and components, whitelisting, ringfencing, redundancy, layering security, and let’s be honest…a heightened sense of paranoia. What you need to look for, is an MSP who is also a Managed Security Services Provider (MSSP), and who has dedicated staff working on constantly monitoring and improving security practices.

 

Wondering if your current IT provider or internal IT department truly has you “covered?” Is your business located near Austin or San Antonio with over 30 computers? As a prospective client, we would like to offer you a no-cost, no-obligation, CONFIDENTIAL Cybersecurity Risk Assessment for your company to introduce our services to you AND to help you determine if your business could truly survive a ransomware attack. Don’t wait until it’s too late, call today to schedule your Free Cybersecurity Risk Assessment at (210) 245-6900 click here to request it online: https://www.juerntech.com/cyberaudit/

 

Juern Technology is the leader in keeping small and medium-sized businesses safe from hackers, viruses, extended downtime, and malware. No other IT services company in Austin or San Antonio can touch our quick response time of 3 minutes or less, or our ability to blend into your organization and implement an effective, reliable, and robust network security defense that doesn’t interfere with your daily workflow.

We were named Top IT Services Firm by Clutch and specialize in delivering proactive IT support and services to businesses like yours with friendly, knowledgeable techs who put you at ease and resolve your IT problems quickly and efficiently. Over the last 8 years, we’ve dedicated ourselves to becoming a highly rated IT services company and have partnered with top technology leaders like Cisco, Microsoft, Dell, and others. We guarantee the security and availability of your data or your money back.