One More Reason to Test Your Organization’s Cyber Security, for Real

By: Bill Walter

Another malicious cyber attack was reported just before the July 4 holiday weekend. This one hit close to home here at Gross Mendelsohn. Before I go into the details, rest assured that we were not affected.

This massive ransomware attack is one of many recent incidents that provides further proof that every business needs to take cyber security seriously, and put measures into place to prevent a disastrous attack.

This incident is another example of a supply chain attack: bad actors using tools meant for legitimate purposes, used to cause harm.

What Happened In the Attack?

This cyber attack targeted remote monitoring and management provider Kaseya.

Specifically, the hackers went after Kaseya’s VSA (virtual system/server administrator) product, which is used by thousands of companies worldwide to monitor and manage their IT infrastructure. These tools allow IT administrators to automate many processes and keep systems up to date. They let IT administrators know about hardware and software issues early on, before they become more serious. Essentially, Kaseya’s tools enable IT staff to do more and do it efficiently. That’s why the VSA tool is a target for cyber attackers who want to wreak havoc or make money illegitimately.

The hackers used Kaseya’s monitoring and management tool to inject ransomware into this trusted service. That, in turn, allowed them access into many more systems.

The good news is that Kaseya was on top of this situation. The company noticed the issue quickly, notified their clients and law enforcement, and initiated an all hands on deck response to this threat.

How Did We Respond at Gross Mendelsohn?

We use Kaseya’s products at Gross Mendelsohn and responded just as quickly.

First, we disabled all access to our VSA server. Then, we worked with Kaseya to check for indicators of compromise and verify we were not affected. We will continue to work with them until the incident is resolved.

Our firm uses every safeguard that Kaseya offers and has additional measures in place to protect our IT infrastructure and client data. Other than shutting down our remote management services briefly, we are not part of this compromise. We take security very seriously.

Additional Resources

You might be interested in the following resources from Gross Mendelsohn and the Cyber Security & Infrastructure Security Agency:

Need Help or Have Questions?

Our Technology Solutions Group includes a team of cyber security experts. We’re happy to meet with you for a free cyber security assessment of your organization’s IT infrastructure. Or, you can contact us online or call 410.685.5512 with any questions.

Published July 6, 2021

Webinar Recording

Cyber Security Wake-Up Call: What’s Putting Your Organization At Risk?

Cyber Security Wake-Up Call Screen Play

Small Businesses — Be On the Lookout for These Cyber Threats

If you think you’re immune to cyberattacks as a smaller-sized business, you’re wrong. Attackers don’t just pass small...

Threats and Vulnerabilities to Monitor This Cyber Security Awareness Month

Have you ever received an email from an unfamiliar source and wondered, “How did they know that information?” or “How...