News about cyberattacks have become alarmingly regular, but this month a successful attack took place that shocked the IT industry. While IT Basecamp's systems have not been compromised, there are actions we as IT suppliers plan to take as a result of this event and also steps you should consider to better protect your business.
On the 2nd of July, a cyberattack was carried out on the American company Kaseya, one of the largest suppliers of Managed Service Provider (MSP) software in the world. Managed Service Providers are companies like IT Basecamp that provide IT services to the end client - businesses like yours.
The product that was breached was a Remote Monitoring and Management (RMM) tool called Kaseya VSA. Tools such as Kaseya VSA form the basis of the automation that allows MSPs to remotely service client networks. It is used by IT service suppliers worldwide to monitor and remotely manage the client's servers, workstations and network-attached devices.
Access to Kaseya VSA allowed the cybercriminals to reach and simultaneously encrypt with ransomware the networks of well over 1,000 businesses. Many more thousands of businesses were then impacted when all Kaseya VSA servers worldwide had to be shut down pending a security patch.
IT Basecamp's vendor of choice for our RMM applications is Datto so this security breach has not affected any of our clients. We do use a Kaseya product (IT Glue) which houses all of our documentation but have been duly informed that this product has not been compromised.
Although the breach itself has no direct ramifications for IT Basecamp or our customers, the nature of this breach and how it was targeted gives rise to concern across our industry.
As a result of this event, IT Basecamp has formed into project teams to assess all aspects of our business for any way we can improve security in our business practices and services.
Here are a few of the initiatives we are undertaking:
Please feel free to reach out to our team with any concerns you may have.
Help me protect my business against cybercrime