This Week Health: Newsroom artwork

Kaseya ransomware attack, What you Need to Know

This Week Health: Newsroom

English - July 07, 2021 08:00 - 8 minutes - 5.64 MB - ★★★★★ - 5 ratings
Medicine Health & Fitness Technology health it healthcare technology cio cmio interoperability news Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Innovation Investment for 13 Health Systems
Next Episode: Internal Marketing for IT, Do You Do it Well?

CISA and the Federal Bureau of Investigation (FBI) continue to respond to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. CISA and FBI strongly urge affected MSPs and their customers to follow the guidance below.
CISA and FBI recommend affected MSPs:
Download the Kaseya VSA Detection Tool.  This tool analyzes a system (either VSA server or managed endpoint) and determines whether any indicators of compromise (IoC) are present.    
Enable and enforce multi-factor authentication (MFA) on every single account that is under the control of the organization, and—to the maximum extent possible—enable and enforce MFA for customer-facing services.
Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or
Place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network.

CISA and FBI recommend MSP customers affected by this attack take immediate action to implement the following cybersecurity best practices

https://www.zdnet.com/article/kaseya-ransomware-supply-chain-attack-everything-you-need-to-know-updated/

CISA and the Federal Bureau of Investigation (FBI) continue to respond to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. CISA and FBI strongly urge affected MSPs and their customers to follow the guidance below.

CISA and FBI recommend affected MSPs:

Download the Kaseya VSA Detection Tool.  This tool analyzes a system (either VSA server or managed endpoint) and determines whether any indicators of compromise (IoC) are present.    Enable and enforce multi-factor authentication (MFA) on every single account that is under the control of the organization, and—to the maximum extent possible—enable and enforce MFA for customer-facing services.Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/orPlace administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network.

CISA and FBI recommend MSP customers affected by this attack take immediate action to implement the following cybersecurity best practices

https://www.zdnet.com/article/kaseya-ransomware-supply-chain-attack-everything-you-need-to-know-updated/