Kaseya Community

Customers of 3 MSPs Shutdown by Ransomware via Kaseya, need details so we can protect our assets

This question is answered

https://www.darkreading.com/attacks-breaches/customers-of-3-msps-hit-in-ransomware-attacks/d/d-id/1335025?_mc=NL_DR_EDT_DR_daily_20190621&cid=NL_DR_EDT_DR_daily_20190621&elq_mid=91613&elq_cid=28059128

Need to know what was exploited and how we can protect ourselves and our clients.

Verified Answer
  • according to that article this was because of comprimised logins at the MSPs.  This is why everyone should implement PAM software.

All Replies
  • I agree that its a shame that Kaseya forces us to pay for MFA.

    Webroot MFA only has 1 option and its a poor one.

  • - From what I read here Kaseya is planning to include free MFA support 'soon' - helpdesk.kaseya.com/.../360047654391-Security-Announcement-06-21-2019-

  • Article seems to apply to SaaS customers.  Will this also apply to On Prem?

    They are recommending Auth Anvil, and will extend the trial from 14 to 90 days.  However, I don't see where they are saying MFA will be free.

  • Right there in the second bulletin point.

    2.) Enable Two Factor Authentication (2FA). In the near future, we will be releasing a 2FA integration which works across both free (e.g. Google Authenticator, Microsoft Authenticator, etc…) and paid 2FA vendors to provide customers with the maximum choice for protecting their logins. In the short-term, customers who are not currently using 2FA, can sign up Kaseya’s AuthAnvil. We will automatically extend the full-featured trial from 14 to 90 days. Sign up is available at: https://authanvil.com/try-it-free