While most Americans were stocking their coolers and cleaning their grills in preparation for Independence Day, cybercriminals were quietly executing one of the most devastating ransomware attacks in recent years.
The Wrong IT Provider Can Ruin Your Day (and Your Business)
Yet again, hackers used IT providers as a centralized way to infiltrate and attack numerous small businesses and organizations. There’s no reason to believe that attacks of this type will fall out of favor, as they are incredibly efficient. A bad actor need only bypass a single IT provider’s security to gain access to dozens, or potentially hundreds, of targets.
Because IT companies have direct access to their clients’ networks and data through their tools, hacking a managed IT provider is akin to stealing a keyring that can unlock the doors of hundreds of vaults.
These supply chain attacks are often carried out through Remote Monitoring and Management tools which are specifically designed to give IT companies a direct pipeline into their clients’ hardware and networks.
In the case of this week’s attack, the compromised software was Kaseya, a remote tool used by thousands of IT companies throughout the world. (Heiden Technology Solutions does not use Kaseya, and there was no risk to our clients.)
It’s imperative that organizations choose IT providers who use the most secure tools and take the extra steps necessary to minimize damage should any tool be breached. IT supply chains are sometimes long, and managed IT companies have no control over their vendors’ software development, but it still falls upon them to have redundancies and protections in place should a vendor’s software be compromised.
Heiden is Always Vigilant
Hours after the attack came to light, experts speculated that hackers deliberately started the attack on the weekend of July 4th — since many businesses run skeleton crews around holidays, the timing could allow the attack to run longer before intervention.
Our cybersecurity team knows that cybercrime is often opportunistic, and our continued vigilance ensured that Heiden wasn’t caught unawares despite the holiday. Cyberattacks don’t observe long weekends, and that means our IT and cyberdefense staff must always be at full readiness.
MSP Overwatch Certified IT Provider
In the aftermath of this attack, we’re seeing countless IT providers throughout the country scrambling to increase their cyberdefense posture. Managed service providers are talking about certifications, audits, controls, and regulation — but at Heiden, we’ve always considered cybersecurity critically important.
Waiting until disaster strikes is downright irresponsible when your clients’ safety and livelihoods are on the line. That’s why we’ve always taken a uniquely proactive approach to security, working hard to surpass other IT providers by leaps and bounds.
Heiden Technology Solutions is the first IT provider in the country to earn a TISC-2020 cybersecurity certification (over one year ago). Earning this certification requires stringent adherence to security best practices, use of the right tools, and tight internal processes. Our entire security posture was evaluated by an outside team of cybersecurity experts, and we ultimately earned the right to say that we’re the most secure IT provider in Michigan (because, unlike 99% of IT providers, we can prove it).
While other IT providers are scrambling to earn similar certifications and improve their defenses — a process that can take months — our clients are sitting secure.
https://heidentechnology.com/sites/default/files/2022-12/ransomware-kaseya-2021-1024×596.jpg