![]() We have full VSA logs from these incidents and we can guarantee ManagedIT.asmx was exploited in this campaign (multiple MSPs were targeted the same way). “We’re prepping an in depth write up on this situation. ![]() Since the hackers hold the decryption key, they were demanding $2.6 million worth of ransom payment. The remote management tool used by the MSP had a vulnerable old version of ConnectWise, a VSA RMM plugin, which enables attackers to encrypt the files of all the servers belonging to the MSP’s clients. ![]() That scenario came to pass when an MSP got their remote management tool hijacked by a malicious party, which went ahead and encrypt the critical user files of their clients numbering to 2000. Such risk may even reach critical operational levels and damage the company, losing weeks if not months worth of productivity to be lost. ![]() However, allowing a 3rd party company as the system administrators of a corporate network entails its own risks. Signing-up for Managed Service Providers (MSP) is a quick solution to lower the cost of maintenance for workstation troubleshooting, repairs, and maintenance. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |