Blog / No TRINUS clients at risk from Kaseya VSA attack
As you may have heard, the Kaseya VSA software platform was the victim of a serious and ongoing cyberattack. Please be advised that TRINUS does not use any Kaseya products and none of your machines have been compromised due to this high-profile attack.
Kaseya VSA is a remote access tool used by some managed IT service providers to monitor and troubleshoot their clients’ fleets of machines. The cybercriminal ransomware gang REvil was reportedly able to inject malicious code into a Kaseya VSA update. As a result, they were able to attack roughly 40 of Kaseya’s clients in at least 17 countries. However, because Kaseya’s clients are mainly managed services providers with their own client base, thousands of businesses both large and small have subsequently been hit with ransomware demands ranging from the thousands to millions of dollars. The attack is so widespread that some cyber security experts are estimating the Kaseya breach could become one of the broadest in history, although the full extent of the damage has yet to be determined. The fact that the attack occurred on the Fourth of July weekend further complicated matters and delayed the response as only skeletal IT teams were left to handle the event while most others were celebrating.
This attack is unique in that it combined ransomware with a ‘supply-chain attack.’ Supply chain attacks target already trusted software or hardware. By attacking a single supply point, hackers can gain access to an entire user-base, rather than having to target individual users. As a result, a single attack can yield thousands of victims. Supply-chain attacks are becoming increasingly common and it’s likely we’ll all hear more about them in the future.
In the meantime, please rest assured that TRINUS does not use any Kaseya software products and that all TRINUS client machines remain secure. TRINUS is continuing to monitor this ongoing attack and will advise clients of any relevant updates.
However, if you are NOT a TRINUS client and have been attacked due to the Kaseya breach, please feel free to reach out to us and we’ll be happy to assist you as best we can.
If you have additional questions, or would like to review your cyber security profile, please contact your TRINUS account manager.
The TRINUS Team