IT and Cybersecurity News

SECURITY BULLETIN: Kaseya VSA Security Incident

Written by Systems Engineering | July 08, 2021

UPDATE: July 27, 2021

In a Friday, July 23, 2021 announcement, the Kaseya Incident Response team reported no reports or issues with their remediation efforts for customers impacted by the July 2nd localized ransomware attack against their VSA on-premises product. Due to this positive report, Systems Engineering has resumed the use of the two unaffected Kaseya modules we were monitoring as a result of the original VSA attack.

ORIGINAL SECURITY BULLETIN: July 8, 2021

On Friday, July 2, 2021, technology firm Kaseya reported a localized ransomware attack against their VSA on-premises product used for remote monitoring and management (RMM). Please note that Systems Engineering does NOT use the VSA product for our RMM service, rather we use a different RMM platform for monitoring, remote access, patching, and managed antivirus (AV).

According to Kaseya, the VSA platform is the only Kaseya product affected by the attack, and all other Kaseya cloud management tools are not impacted. Systems Engineering does utilize two of the unaffected Kaseya modules, one for documentation (no connectivity to customer networks), and the other for network assessments (used only as-needed, and does not maintain a network connection once complete.) Even though neither of these products appears to be at risk, in an overabundance of caution, we have limited or stopped the use of these tools until further information is provided by Kaseya.

At this time, no action is required. Systems Engineering will continue to monitor the Kaseya VSA incident, and provide any additional updates as needed.

If you have questions about this security bulletin, please reach out to your Account Manager.