OXEN is aware of the highly disruptive Kaseya ransomware attack, which has impacted thousands of businesses across the world. This attack came through some Managed Service Providers (MSPs) using the Kaseya VSA remote monitoring & management tool, which was used to infect their end-customers with REvil ransomware.
We want to first let you know that OXEN and our clients were not affected by this hack. OXEN does not utilize Kaseya VSA software. We are still actively keeping up with this event to learn, mature, and strengthen our own security practices. At this time, unless you have reason to believe that another vendor of yours utilizes Kaseya VSA software, you do not need to take any action to respond to this breach, but there is always some lesson to be learned.
Kaseya’s response appears to have been swift, decisive, and coordinated: communicating quickly and recommending to their customers that all VSA servers be shut down immediately. They even shut down their own cloud/SaaS-hosted servers to be sure they are unaffected while they investigate, assess, and patch their software, supply chain, and environment. While much remains to be seen, at least this response shows how much has been learned since the recent SolarWinds attack, which affected many in our industry over the last year.
Our industry is constantly targeted, and new vulnerabilities and breaches are discovered almost daily. OXEN is vigilant in our efforts to continually improve our security and that of our clients, and to strengthen our incident response to be able to quickly detect, alert on, and respond to security events in order to best protect our clients should a breach of one of our critical vendors occur in the future.
One of the key tenets of security is to assume that at some point you will be breached. It is not a matter of IF, but WHEN it will happen. The proactive choices we make to protect ourselves can prevent some breaches, but the proactive planning far in advance of actually experiencing a breach is what can allow a business to quickly recover and limit the damage of such an event.
Our responsibility to protect our customers is something that OXEN takes very seriously. We know there is always more we can do. While this event is likely to result in lost revenue, hardship, and pain for the businesses that were affected, it also serves as a warning and an opportunity for our industry to become stronger and smarter. we want to assure you that OXEN will learn from and leverage this and future events, to better protect ourselves and our clients.
Make no mistake, we must not put our heads in the sand. Now is the time to be diligent in our efforts to protect and plan so that businesses can survive and thrive. OXEN is here to help you do that. Please don’t hesitate to reach out to us at firstname.lastname@example.org or 888.296.3619 should you have any questions or concerns.