Contact
Let's Talk
One More Reason to Test Your Organization’s Cyber Security, For Real

By: Bill Walter on July 06, 2021

Print/Save as PDF

One More Reason to Test Your Organization’s Cyber Security, For Real

Networking  |  Service Businesses  |  Healthcare  |  Nonprofit  |  Manufacturing & Distribution  |  Government Contractors  |  Construction & Real Estate  |  Cyber Security

Another malicious cyber attack was reported just before the July 4 holiday weekend. This one hit close to home here at Gross Mendelsohn. Before I go into the details, rest assured that we were not affected.

This massive ransomware attack is one of many recent incidents that provides further proof that every business needs to take cyber security seriously, and put measures into place to prevent a disastrous attack.

This incident is another example of a supply chain attack: bad actors using tools meant for legitimate purposes, used to cause harm.

What Happened in the Attack?

This cyber attack targeted remote monitoring and management provider Kaseya.

Specifically, the hackers went after Kaseya’s VSA (virtual system/server administrator) product, which is used by thousands of companies worldwide to monitor and manage their IT infrastructure. These tools allow IT administrators to automate many processes and keep systems up to date. They let IT administrators know about hardware and software issues early on, before they become more serious. Essentially, Kaseya’s tools enable IT staff to do more and do it efficiently. That’s why the VSA tool is a target for cyber attackers who want to wreak havoc or make money illegitimately.

The hackers used Kaseya’s monitoring and management tool to inject ransomware into this trusted service. That, in turn, allowed them access into many more systems.

The good news is that Kaseya was on top of this situation. The company noticed the issue quickly, notified their clients and law enforcement, and initiated an all hands on deck response to this threat.

How Did We Respond At Gross Mendelsohn?

We use Kaseya’s products at Gross Mendelsohn and responded just as quickly.

First, we disabled all access to our VSA server. Then, we worked with Kaseya to check for indicators of compromise and verify we were not affected. We will continue to work with them until the incident is resolved.

Our firm uses every safeguard that Kaseya offers and has additional measures in place to protect our IT infrastructure and client data. Other than shutting down our remote management services briefly, we are not part of this compromise. We take security very seriously.

Additional Resources

You might be interested in the following resources from Gross Mendelsohn and the Cyber Security & Infrastructure Security Agency:

Need Help or Have Questions?

Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a free cyber security assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.

 

cyber security webinar

About Bill Walter

Bill, our lead networking guru, loves showing clients how technology can be worked into their existing processes to improve efficiency and security. His expertise includes cyber security, high level planning for internal and external networks, , and hands-on installation and configuration of networks. He helps organizations of all types and sizes implement cyber security best practices to protect sensitive data. Normally a pretty easygoing guy, Bill thinks there should be a law against wearing a Bluetooth headset when it’s not in use.