Update Regarding Kaseya VSA Security Incident
TN TEAM partners with Kaseya as a leading IT Management platform service provider.
Kaseya’s VSA (Virtual System Administrator) IT Management platform product has unfortunately been the victim of a sophisticated cyberattack. This cyberattack, however, was limited to the software itself and has since been confirmed to only have affected a limited number of providers who host Kaseya VSA on their own Server infrastructure. Kaseya is not the first platform to fall victim to this type of attack as you may recall previously reported incidents involving Connectwise, Solarwinds, and other similar providers.
Fortunately for TN TEAM and its customers, we have our IT Management operation hosted on Kaseya’s Cloud Infrastructure that is confirmed unaffected by the software vulnerability that existed for on-premise infrastructures. A patch has been developed by Kaseya for these on-premise infrastructures and is currently being validated before its release today. They have also developed a vulnerability detector for those on-premise instances, which does not apply for us or their hosted infrastructure as those detectors are built-in to their controlled infrastructure.
While Kaseya’s cloud infrastructure that TN TEAM’s IT Management operation resides on was unaffected by this vulnerability and exploit, the Servers that host the platform were put in maintenance mode temporarily over the holiday weekend out of the abundance of caution and confirmation. We are awaiting those Servers to be brought out of maintenance mode today here shortly in a staged process. Until that time, Ticketing through our agent and Remote Control through our agent will be unavailable. However, our customers can still email our Support Desk and we are responding and putting action on requests as expected. Users can also still reach us by phone as well at 844-400-NOVA.
TN TEAM takes the upmost precaution for the protection and privacy of our customers. Had we been affected here, we have also since confirmed that our flagship Cybersecurity platform product SentinelOne was equipped to detect and respond to the exploit present in this attack. See more – SentinelOne vs Sodinokibi (REvil) . We are working closely with Kaseya to confirm all appropriate layered security policies and procedures are followed and enabled to ensure that protection for our clients and that we, as a provider, have the lowest risk factor possible that we can guarantee in partnership with our clients. While the threat landscape is rapidly changing and attacks are becoming more commonplace in today’s modern networks and infrastructures, we feel Kaseya handled this exploit as best as any organization could hope for with their rapid response, rapid maintenance mode enablement, and complete visibility with timely updates.
Thank you to our clients for your trust and partnership with TN TEAM as a leading provider of Managed IT, Cybersecurity, Data Protection, and Compliance. We have close relationships with our customers and want to ensure we keep that level of trust with full visibility of practices. Communication is key and we are here to keep you informed and answer any additional questions you may have as it relates to this incident.
Author: Derrick A Roberts, Managing Partner, TN TEAM