Customer Support
Request Pricing

Kaseya VSA Supply-Chain Ransomware Attack

Once again, another Ransomware breach has threatened SMB’s across the country.  As most know by now, Kaseya, an IT solutions developer, has become the latest victim of a major software supply chain hack that has impacted more than 1,500 companies.  To read the full release from the Cybersecurity & Infrastructure Security Agency (CISA), click here.

At AT-NET, we understand that breaches are always a possibility, no matter how diligent you and your employees remain.  With many breaches such as this most recent Kaseya incident, it’s not even your organization’s fault that this has happened, but it is your responsibility to have an Incident Response Plan in place to protect your data and keep your business running.

On the heels of the Colonial pipeline breach, we put together a set of recommendations and mitigations from CISA to help guide you on protecting your business.  You can find those mitigations here, but below are a couple of our key suggestions:

  • Require multi-factor authentication for remote access to OT and IT networks.
  • Enable strong spam filters to prevent phishing emails from reaching end users. Filter emails containing executable files from reaching end users.
  • Implement a user training program and simulated attacks for spear phishing to discourage users from visiting malicious websites or opening malicious attachments and reinforce the appropriate user responses to spear-phishing emails.
  • Filter network traffic to prohibit ingress and egress communications with known malicious IP addresses. Prevent users from accessing malicious websites by implementing URL blocklists and/or allowlists.
  • Update software, including operating systems, applications, and firmware, on IT network assets promptly. Consider using a centralized patch management system; use a risk-based assessment strategy to determine which OT network assets and zones should participate in the patch management program.
  • Implement regular data backup procedures on both the IT and OT networks. Backup procedures should be conducted frequently, tested regularly, and stored separately.

If you are concerned that your organization’s ability to complete any of the above recommendations, or you would like help putting together an Incident Response Plan, please contact us here or give us a call at (844) 506-2116.

Picture of Jeffrey King
Jeffrey King

President of AT-NET | Managed Technology Solutions Expert | Cybersecurity Specialist

Jeffrey King is an experienced leader in managed technology solutions with more than 20 years of expertise. As President of AT-NET, he oversees a wide range of services including IT support, cloud solutions, cybersecurity, and business risk management.

His work focuses on cybersecurity and network architecture, with hands-on skills across Unix, VMware, Linux, Cisco, and Microsoft systems. Under his leadership, AT-NET delivers solutions in areas such as compliance (HIPAA, CMMC, PCI, SEC, FINRA), vulnerability management, data backup and recovery, email and endpoint security, and IT project management.

Jeffrey also guides initiatives in co-managed IT services, structured cabling, VoIP systems, and integrated security technologies such as cameras and access control.

Get in touch with our experts and get a free consultation

Get in Touch
Recent Posts:
Get a Free Consultation

Contact our experts today

Get in Touch
Recent Posts:
All Resources ⬈
To safeguard your business against the unexpected, contact us for a free consultation.

Together, we can build a resilient future for your business.

Speak to an Expert