Questions Arise from Most Recent MSP Ransomware Attack

Managed service providers (MSPs) typically utilize third-party software platforms to access, monitor and patch client computer systems. These platforms provide a huge array of tools to help us do our jobs. These tools are installed by the MSP on client computers, servers, and other devices. With these tools, we can perform almost any task remotely, thereby minimizing disruptions on the client-side and providing our customers with a superior experience.

While most MSPs have procedures in place to minimize threats (indeed, that’s usually the point), third-party software applications are now becoming the target of attackers. That’s because these applications typically have extensive access and permissions to operate on systems unfettered.

Over the weekend, one MSP software provider called Kaseya was attacked, resulting in extensive problems for fewer than 1,500 businesses, according to recent news articles.

Apheus is a managed service provider, and while we do not use Kaseya products, we do currently utilize software designed for MSPs. As such, we are closely monitoring this latest situation and developing a strategy to help minimize our risk and that of our clients.