Kaseya data breach rocks the  IT industry - but what does it mean for your business? banner

Kaseya data breach rocks the  IT industry - but what does it mean for your business?

Jul 13, 2021 Tech blog

News about cyberattacks have become alarmingly regular, but this month a successful attack took place that shocked the IT industry. While IT Basecamp's systems have not been compromised, there are actions we as IT suppliers plan to take as a result of this event and also steps you should consider to better protect your business.

What happened?

On the 2nd of July, a cyberattack was carried out on the American company Kaseya, one of the largest suppliers of Managed Service Provider (MSP) software in the world. Managed Service Providers are companies like IT Basecamp that provide IT services to the end client - businesses like yours.

The product that was breached was a Remote Monitoring and Management (RMM) tool called Kaseya VSA. Tools such as Kaseya VSA form the basis of the automation that allows MSPs to remotely service client networks. It is used by IT service suppliers worldwide to monitor and remotely manage the client's servers, workstations and network-attached devices.

Access to Kaseya VSA allowed the cybercriminals to reach and simultaneously encrypt with ransomware the networks of well over 1,000 businesses. Many more thousands of businesses were then impacted when all Kaseya VSA servers worldwide had to be shut down pending a security patch.

IT Basecamp not affected

IT Basecamp's vendor of choice for our RMM applications is Datto so this security breach has not affected any of our clients. We do use a Kaseya product (IT Glue) which houses all of our documentation but have been duly informed that this product has not been compromised.

Although the breach itself has no direct ramifications for IT Basecamp or our customers, the nature of this breach and how it was targeted gives rise to concern across our industry.

What next?

As a result of this event, IT Basecamp has formed into project teams to assess all aspects of our business for any way we can improve security in our business practices and services.

Here are a few of the initiatives we are undertaking:

  1. IT Basecamp has commissioned a large data link in Huskisson with an aim to start shipping all contract client backups to our premises for storage, in addition to your on-premise and cloud-based backups. The goal is to make these backups air-gapped. This means they aren't physically attached to any network and therefore are not accessible during a cyber attack.

  2. We are upgrading our procedures to have a solid Data Breach Playbook to operate by with reviews conducted monthly or on a significant event occurring such as this.

  3. We will be contacting customers about further 2-Factor for Windows logins using products like Duo.

  4. We plan to start free customer/staff training webinars around security and business continuity. Everyone in your organisation should be part of the response team to identify suspicious online activity.

  5. All customers are strongly advised to check out the resources at IT Basecamp's subsidiary Cyber Heroes for support identifying any potential vulnerabilities in your processes and equipment.

Please feel free to reach out to our team with any concerns you may have.

Help me protect my business against cybercrime