Many of you may have read over the weekend that an IT infrastructure management company called Kaseya was successfully breached by a ransomware hack. This event potentially impacted thousands of companies because their IT managers – MSPs like us – used that Kaseya tool to monitor their clients’ networks.
All Cynexlink clients should take comfort in knowing this: you have ZERO exposure to this event.
**Note: if you are visiting our site for the first time, your current MSP uses Kaseya VSA and you are looking to make a change, the quickest way is by contacting us here. We have created a special offer for Kaseya clients and we will reply immediately to help your organization chart a rapid path to IT safety.
The article below provides a quick background on what Kaseya does and why this breach is potentially so far-reaching, as well as why we weren’t completely stunned by news of this breach.
Who & What is Kaseya?
All Managed Service Providers (MSPs) like Cynexlink use various software solutions to manage and monitor their clients’ networks for patching, operating system status, data backup, email spam protection and much more.
The primary monitoring software used by companies like ours is an RMM solution, which stands for Remote Monitoring and Management. Such a tool helps provide us visibility at scale, reporting, automation, efficiency and more. While an RMM solution is merely one tool in the toolbelt of an IT solutions provider like us, it serves as the heartbeat of the MSP’s tech stack.
Kaseya’s RMM product, which they call VSA, is what was breached. This means that not only were all of Kaseya’s MSP clients put at risk, so too were all the end clients of those MSPs! Initial reports said 200 companies were impacted by this breach; we will be very surprised if that figure doesn’t end up far higher when the dust settles.
Familiar names of RMM solution providers include smaller companies like NinjaRMM, N-Able and Atera, while the two biggest, most credible players are ConnectWise and Datto. We use Datto because their RMM tool, Autotask, is our industry’s gold standard.
Kaseya’s Place in the IT Universe
Kaseya has been working feverishly to move up into the top-tier IT provider category alongside Datto and ConnectWise, which is why it attracted so much private equity interest a couple years ago.
Behind the scenes, there has been a ton of consolidation in our industry over the last few years, and it has centered on these RMM tools – either as acquirers or acquirees – driven by economies of scale. By adding firewall management, backup and recovery, cybersecurity tools and more to an RMM under one roof, the potential for growth is staggering. This is why Kaseya has raised over $500MM dollars over the last 2+ years — to grab a piece of that market.
The path to providing more and more IT solutions beyond the RMM tool comes down to a choice between building it and buying it. Kaseya chose to raise money and buy.
With all that fresh PE money, Kaseya went on a torrid acquisition spree, buying backup providers, cybersecurity companies, anti-phishing solutions, network assessment programs and more. The management challenge with such consolidation plays, however is huge: not only do company cultures have to be merged, so do all the business units, product features and technologies used. In such a growth-first environment, key details can be missed without any ill intent whatsoever.
Indeed, our team spends more than 500 hours per year in training and product review sessions in order to stay up on the latest technology and cybersecurity solutions for our clients. When a new, better tool comes along in a category, it gets added to our tech stack and the previous leader gets the boot… being able to monitor IT advancements is one of the big advantages of hiring a firm like ours.
As part of our ongoing IT vetting process, we have assessed a number of Kaseya products in the last couple of years. Without being too specific for not wanting to drive the stiletto too hard at this moment in time, there were definitely some warning signs that key details were being missed.
Massive Business Challenges Remain
It will be interesting to see how Kaseya simply survives this high-profile event.
In the short-term, there is the issue of the $70 million ransom the hackers are demanding to release the stolen data.
Next, every MSP client of Kaseya must be exploring a move to a competitor this morning, but a systemic transfer of that kind is no overnight project. If those MSPs don’t move, however, their end clients will wonder how their IT provider can stay put — or how they can continue to work with, and have confidence in, an MSP that won’t leave Kaseya.
Maybe all of this can be fixed with a little P.R. and a lot more of what matters — actual cybersecurity investment and restructuring. Only time will tell.
For those end clients who don’t want to wait and need help getting away from Kaseya, contact us not only for a special offer for Kaseya clients only, but a simple 3-step, 3 week plan to provide a port in a storm for your network and data.