{"id":18798,"date":"2021-07-07T00:45:06","date_gmt":"2021-07-07T00:45:06","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=18798"},"modified":"2022-08-16T16:08:38","modified_gmt":"2022-08-16T16:08:38","slug":"kaseya-breach-underscores-vulnerability-of-it-management-tools","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/","title":{"rendered":"Kaseya Breach Underscores Vulnerability of IT Management Tools"},"content":{"rendered":"\r\n<p>Managed service providers (MSPs) have long relied on third-party software to manage clients&#8217; IT infrastructure, but a massive ransomware attack launched over the weekend at customers of Kaseya will likely cause MSPs to take a harder look at the security of their IT suppliers.<\/p>\r\n\r\n\r\n\r\n<p>Kaseya revealed late Friday night that a zero-day vulnerability in its VSA on-premises servers resulted in 60 clients being directly compromised, impacting a pool of 1,500 downstream businesses. After a series of highly publicized <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">ransomware<\/a> attacks this spring, the Kaseya attack most resembles the <a href=\"https:\/\/www.esecurityplanet.com\/threats\/fireeye-solarwinds-breaches-implications-protections\/\">compromise of SolarWinds<\/a> in late 2020.<\/p>\r\n\r\n\r\n\r\n<p>Like SolarWinds, both companies serve large B2B audiences, where Kaseya&#8217;s products produce hundreds of end products and services. And therein lies why third-party and <a href=\"https:\/\/www.esecurityplanet.com\/threats\/phishing-attacks\/\">supply chain attacks<\/a> are so daunting. Instead of targeting a single company, threat actors attacking broadly used IT tools like Kaseya or SolarWinds can infiltrate an umbrella of companies. Kaseya\u2019s access to a network of SMB IT vendors and <a href=\"https:\/\/www.channelinsider.com\/managed-services\/kaseya-breach-shakes-faith-in-itsm-platforms\/\">managed service providers (MSP)<\/a> is a dangerous prospect in malicious hands.<\/p>\r\n\r\n\r\n\r\n<p>The question now is \u2013 how can organizations trust third-party software?<\/p>\r\n\r\n\r\n\r\n<p>As industry analysts consider the next zero-day threats and the implications of more <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">ransomware<\/a> and supply chain attacks, we look at the attacks and what organizations can do to defend themselves against advancing threats.<\/p>\r\n\r\n\r\n\r\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6fbdfeb441\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6fbdfeb441\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#VSA-server-breached\" title=\"VSA server breached\">VSA server breached<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#High-profile-attacks-on-the-rise\" title=\"High-profile attacks on the rise\">High-profile attacks on the rise<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#Managing-supply-chain-risk\" title=\"Managing supply chain risk\">Managing supply chain risk<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#Kaseya-provides-security-tools\" title=\"Kaseya provides security tools\">Kaseya provides security tools<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"VSA-server-breached\"><\/span>VSA server breached<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<p>Kaseya\u2019s flagship product is a <a href=\"https:\/\/www.channelinsider.com\/trends\/-and-trends\/remote-monitoring-management\/\">remote monitoring and management<\/a> (RMM) solution called the Virtual Systems Administrator (VSA) and is the product at the center of the current attack. When administrators noticed suspicious behavior on Friday, Kaseya shut down VSA.<\/p>\r\n\r\n\r\n\r\n<div class=\"wp-block-image\"><figure class=\"alignright size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.esecurityplanet.com\/wp-content\/uploads\/2021\/07\/Kaseya.Logo_.CI_.jpeg\" alt=\"\" class=\"wp-image-18802\" width=\"248\" height=\"176\"\/><\/figure><\/div>\r\n\r\n\r\n\r\n<p>Kaseya&#8217;s on-premises VSA server is a powerful machine designed for MSPs and IT vendors serving a remote network of their clients. Through a software update to <a href=\"https:\/\/www.esecurityplanet.com\/products\/patch-management-software\/\">Kaseya VSA<\/a>, the threat actors deployed a zero-day vulnerability and from there could access network segments connected to VSA servers.<\/p>\r\n\r\n\r\n\r\n<p>Kaspersky researchers <a href=\"https:\/\/securelist.com\/revil-ransomware-attack-on-msp-companies\/103075\/\">detailed the attack techniques<\/a> and noted they had seen more than 5,000 attack attempts in 22 countries. Kaspersky recommended a number of defensive steps, among them:<\/p>\r\n\r\n\r\n\r\n<ul class=\"wp-block-list\"><li aria-level=\"1\">Not exposing <a href=\"https:\/\/www.channelinsider.com\/trends\/-and-trends\/the-remote-desktop-software-market\/\">remote desktop services<\/a> (such as RDP) to public networks unless absolutely necessary and always using strong passwords for them<\/li><li aria-level=\"1\">Promptly installing available patches for commercial <a href=\"https:\/\/www.esecurityplanet.com\/products\/enterprise-vpn-solutions\/\">VPN solutions<\/a> providing access for remote employees and acting as gateways in your network<\/li><li aria-level=\"1\">Always keeping software updated on all the devices you use to prevent ransomware from exploiting vulnerabilities<\/li><li aria-level=\"1\">Focusing your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to the outgoing traffic to detect cybercriminals&#8217; connections. Backup data regularly. Make sure you can quickly access it in an emergency when needed.<\/li><\/ul>\r\n\r\n\r\n\r\n<p>REvil attracted media attention last month for its ransomware attack against meat-processing company JBS Foods. The <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-as-a-service-raas-ttp-protections\/\">Ransomware-as-a-Service<\/a> (RaaS) gang infiltrated Kaseya&#8217;s server, moved to client networks, and executed ransomware encryption to lock end-client networks. Kaseya is updating clients on developments at <a href=\"https:\/\/helpdesk.kaseya.com\/hc\/en-gb\/articles\/4403440684689-Important-Notice-July-4th-2021\">this link<\/a>.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"High-profile-attacks-on-the-rise\"><\/span>High-profile attacks on the rise<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">Establishing Standards for Secure Systems<\/h3>\r\n\r\n\r\n\r\n<p>Working concepts like verified reproducible builds and software bill of materials (SBOM) are valuable additions to the conversation while the IT marketplace remains relatively unregulated. The chaotic nature of software development and build pipelines must change, but for now, that change starts with businesses demanding greater transparency before signing contract terms.<\/p>\r\n\r\n\r\n\r\n<p>Though these are promising concepts, analysts noted having a SBOM here wouldn\u2019t have made a difference for the Kaseya breach. A reliance on built-in trust between systems and excessive user privileges is a risk that a list of ingredients can\u2019t fix.<\/p>\r\n\r\n\r\n\r\n<p><em>Read more about reproducible builds, SBOMs, and certificate forgery in our comprehensive look at the <\/em><a href=\"https:\/\/www.esecurityplanet.com\/threats\/guarding-against-solorigate-ttps-solarwinds-hack\/\"><em>SolarWinds hack tactics<\/em><\/a><em>.<\/em><\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">Preparing for Criminal Enterprise<\/h3>\r\n\r\n\r\n\r\n<p>REvil is representative of a business-oriented movement of black hatters. While other Ransomware-as-a-Service (<a href=\"https:\/\/www.itbusinessedge.com\/security\/ransomware-as-a-service\/\">RaaS<\/a>) and zero-day threat offerings are declining, <a href=\"https:\/\/trends\/.sophos.com\/en-us\/2021\/07\/04\/independence-day-revil-uses-supply-chain-exploit-to-attack-hundreds-of-businesses\/amp\/\">Sophos Labs reports<\/a> REvil is taking the mantle. Some threat groups promote a moral code of conduct, but there\u2019s little evidence to prove actors are held accountable for misuse like targeting critical infrastructure, nonprofit, and public organizations.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Managing-supply-chain-risk\"><\/span>Managing supply chain risk<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<p>For the time being, managing supply chain risk means meticulous attention to detail, supply chain relationships based on trust and transparency, and having a breach mindset. Mastering software inventory details gives network administrators visibility into organization systems, applications, and traffic flows.<\/p>\r\n\r\n\r\n\r\n<p><em>Read about our picks for the <\/em><a href=\"https:\/\/www.esecurityplanet.com\/products\/breach-and-attack-simulation-bas-vendors\/\"><em>top breach and attack simulation<\/em><\/a><em> (BAS) vendors of 2021.<\/em><\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">The breach mindset<\/h3>\r\n\r\n\r\n\r\n<p>As attacks continue, the security wisdom to organizations is to visualize and imagine the subsequent breaches. If a network segment like the organization&#8217;s <a href=\"https:\/\/technologyadvice.com\/crm\/\">CRM<\/a> application becomes compromised, what will the impact be? Specifically, what does access between network segments look like for internal clients?<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\">Deploying zero trust security<\/h3>\r\n\r\n\r\n\r\n<p>A resounding security industry answer to today&#8217;s advanced threats is <em>zero trust<\/em>. As the network perimeter proves too tricky to guard, there&#8217;s no question that determined intruders can gain access.<\/p>\r\n\r\n\r\n\r\n<p>For this quandary, network administrators need a solution that understands system relationships and prohibits anomalous behavior. For <a href=\"https:\/\/www.esecurityplanet.com\/networks\/managed-services-a-security-problem-and-solution\/\">MSP clients<\/a>, they expect their managed service provider to offer solutions fit for their network\u2019s needs.<\/p>\r\n\r\n\r\n\r\n<p>Raghu Nandakumara, Illumio&#8217;s EMEA and APAC Field CTO, told <em>eSecurity Planet<\/em>:<\/p>\r\n\r\n\r\n\r\n<div class=\"wp-block-image\"><figure class=\"alignright size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.esecurityplanet.com\/wp-content\/uploads\/2021\/07\/ESP.Illumio.png\" alt=\"\" class=\"wp-image-18804\" width=\"299\" height=\"135\"\/><\/figure><\/div>\r\n\r\n\r\n\r\n<p class=\"has-text-align-left dropcapp\"><em><span class=\"has-inline-color has-black-color\">&#8220;When ransomware is distributed via authorized management channels, it is indeed difficult to stop it from spreading &#8211; and detection and response must focus efforts on the target endpoints. zero trust approaches to security put emphasis on visibility of all actions, and the ability to identify expected and normal actions compared to unexpected and abnormal activity. As we see a maturity in zero trust adoption, we will see both improved granularity in controls, coupled with more sophisticated detection of unauthorized actions, that will improve the ability to identify malicious behavior and limit its impact.&#8221;<\/span><\/em><\/p>\r\n\r\n\r\n\r\n<p>The ability to understand expected movements and to respond when the unexpected occurs is the domain of security tools like <a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-zero-trust-security-can-protect-against-ransomware\/\">zero trust<\/a> and <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-user-and-entity-behavior-analytics-ueba-tools\/\">UEBA<\/a>.<\/p>\r\n\r\n\r\n\r\n<p><em>Interested in learning more about zero trust? Read our Guides to&nbsp;<\/em><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-zero-trust\/\"><em>Implementing Zero Trust<\/em><\/a><em> and <\/em><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\"><em>Implementing Microsegmentation<\/em><\/a>.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Kaseya-provides-security-tools\"><\/span>Kaseya provides security tools<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<p>Kaseya, meanwhile, has released a number of security tools it said will greatly reduce the attack surface of Kaseya VSA:<\/p>\r\n\r\n\r\n\r\n<ul class=\"wp-block-list\"><li aria-level=\"1\">A 24\/7 independent security operations center (<a href=\"https:\/\/www.esecurityplanet.com\/networks\/soc-best-practices\/\">SOC<\/a>) for every VSA, with the ability to quarantine and isolate files and entire VSA servers<\/li><li aria-level=\"1\">A complementary content delivery network (CDN) with web application firewall (<a href=\"https:\/\/www.esecurityplanet.com\/products\/top-web-application-firewall-waf-vendors\/\">WAF<\/a>) for every VSA (including on-premises opt-in)<\/li><li aria-level=\"1\">Customers who whitelist IPs will be required to whitelist additional IPs<\/li><\/ul>\r\n\n\n<div id=\"ta-campaign-widget-66d6fbdfe61fe-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6fbdfe61fe\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6fbdfe61fe\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6fbdfe61fe\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6fbdfe61fe\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6fbdfe61fe\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6fbdfe61fe\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Managed service providers (MSPs) have long relied on third-party software to manage clients&#8217; IT infrastructure, but a massive ransomware attack launched over the weekend at customers of Kaseya will likely cause MSPs to take a harder look at the security of their IT suppliers. Kaseya revealed late Friday night that a zero-day vulnerability in its [&hellip;]<\/p>\n","protected":false},"author":250,"featured_media":18800,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[15],"tags":[14716,6440],"b2b_audience":[33],"b2b_industry":[],"b2b_product":[31788,448,67,389,143,376,146,161,379],"class_list":["post-18798","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threats","tag-apt","tag-msp","b2b_audience-awareness-and-consideration","b2b_product-advanced-persistent-threats","b2b_product-hosted-and-managed-services","b2b_product-it","b2b_product-managed-security-services","b2b_product-security","b2b_product-security-services","b2b_product-services","b2b_product-supply-chain-management","b2b_product-threats-and-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-07T00:45:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-16T16:08:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1706\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sam Ingalls\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/SamIngalls\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sam Ingalls\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\"},\"author\":{\"name\":\"Sam Ingalls\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\"},\"headline\":\"Kaseya Breach Underscores Vulnerability of IT Management Tools\",\"datePublished\":\"2021-07-07T00:45:06+00:00\",\"dateModified\":\"2022-08-16T16:08:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\"},\"wordCount\":1059,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg\",\"keywords\":[\"APT\",\"MSP\"],\"articleSection\":[\"Threats\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\",\"name\":\"Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg\",\"datePublished\":\"2021-07-07T00:45:06+00:00\",\"dateModified\":\"2022-08-16T16:08:38+00:00\",\"description\":\"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg\",\"width\":2560,\"height\":1706,\"caption\":\"Organizations reliant on IT service management and MSPs must be guarded to reduce supply chain vulnerabilities.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kaseya Breach Underscores Vulnerability of IT Management Tools\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\",\"name\":\"Sam Ingalls\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"caption\":\"Sam Ingalls\"},\"description\":\"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/singalls\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls\"],\"url\":\"https:\/\/www.esecurityplanet.com\/author\/singalls\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet","description":"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/","og_locale":"en_US","og_type":"article","og_title":"Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet","og_description":"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.","og_url":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/","og_site_name":"eSecurity Planet","article_published_time":"2021-07-07T00:45:06+00:00","article_modified_time":"2022-08-16T16:08:38+00:00","og_image":[{"width":2560,"height":1706,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg","type":"image\/jpeg"}],"author":"Sam Ingalls","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/SamIngalls","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Sam Ingalls","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/"},"author":{"name":"Sam Ingalls","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2"},"headline":"Kaseya Breach Underscores Vulnerability of IT Management Tools","datePublished":"2021-07-07T00:45:06+00:00","dateModified":"2022-08-16T16:08:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/"},"wordCount":1059,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg","keywords":["APT","MSP"],"articleSection":["Threats"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/","url":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/","name":"Kaseya Breach Underscores Vulnerability in Managed IT | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg","datePublished":"2021-07-07T00:45:06+00:00","dateModified":"2022-08-16T16:08:38+00:00","description":"The Kaseya breach poses risk to a network of MSPs and their clients, shining light on supply chain vulnerabilities.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/07\/Kaseya-Breach-Underscores-Vulnerability-of-IT-Management-Tools-scaled.jpg","width":2560,"height":1706,"caption":"Organizations reliant on IT service management and MSPs must be guarded to reduce supply chain vulnerabilities."},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/threats\/kaseya-breach-underscores-vulnerability-of-it-management-tools\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Kaseya Breach Underscores Vulnerability of IT Management Tools"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2","name":"Sam Ingalls","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","caption":"Sam Ingalls"},"description":"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.","sameAs":["https:\/\/www.linkedin.com\/in\/singalls\/","https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls"],"url":"https:\/\/www.esecurityplanet.com\/author\/singalls\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18798"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/250"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=18798"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18798\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/18800"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=18798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=18798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=18798"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=18798"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=18798"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=18798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}