Chip Hanlon

Safe from Kaseya Hack

Cynexlink Clients are Safe from the Kaseya Hack

Many of you may have read over the weekend that an IT infrastructure management company called Kaseya was successfully breached by a ransomware hack. This event potentially impacted thousands of companies because their IT managers – MSPs like us – used that Kaseya tool to monitor their clients’ networks.

All Cynexlink clients should take comfort in knowing this: you have ZERO exposure to this event.

**Note: if you are visiting our site for the first time, your current MSP uses Kaseya VSA and you are looking to make a change, the quickest way is by contacting us here. We have created a special offer for Kaseya clients and we will reply immediately to help your organization chart a rapid path to IT safety.

The article below provides a quick background on what Kaseya does and why this breach is potentially so far-reaching, as well as why we weren’t completely stunned by news of this breach.

Who & What is Kaseya?

All Managed Service Providers (MSPs) like Cynexlink use various software solutions to manage and monitor their clients’ networks for patching, operating system status, data backup, email spam protection and much more.

The primary monitoring software used by companies like ours is an RMM solution, which stands for Remote Monitoring and Management. Such a tool helps provide us visibility at scale, reporting, automation, efficiency and more. While an RMM solution is merely one tool in the toolbelt of an IT solutions provider like us, it serves as the heartbeat of the MSP’s tech stack.

Kaseya’s RMM product, which they call VSA, is what was breached. This means that not only were all of Kaseya’s MSP clients put at risk, so too were all the end clients of those MSPs! Initial reports said 200 companies were impacted by this breach; we will be very surprised if that figure doesn’t end up far higher when the dust settles.

Familiar names of RMM solution providers include smaller companies like NinjaRMM, N-Able and Atera, while the two biggest, most credible players are ConnectWise and Datto. We use Datto because their RMM tool, Autotask, is our industry’s gold standard.

Kaseya’s Place in the IT Universe

Kaseya has been working feverishly to move up into the top-tier IT provider category alongside Datto and ConnectWise, which is why it attracted so much private equity interest a couple years ago.

Behind the scenes, there has been a ton of consolidation in our industry over the last few years, and it has centered on these RMM tools – either as acquirers or acquirees – driven by economies of scale. By adding firewall management, backup and recovery, cybersecurity tools and more to an RMM under one roof, the potential for growth is staggering. This is why Kaseya has raised over $500MM dollars over the last 2+ years — to grab a piece of that market.

The path to providing more and more IT solutions beyond the RMM tool comes down to a choice between building it and buying it. Kaseya chose to raise money and buy.

With all that fresh PE money, Kaseya went on a torrid acquisition spree, buying backup providers, cybersecurity companies, anti-phishing solutions, network assessment programs and more. The management challenge with such consolidation plays, however is huge: not only do company cultures have to be merged, so do all the business units, product features and technologies used. In such a growth-first environment, key details can be missed without any ill intent whatsoever.

Indeed, our team spends more than 500 hours per year in training and product review sessions in order to stay up on the latest technology and cybersecurity solutions for our clients. When a new, better tool comes along in a category, it gets added to our tech stack and the previous leader gets the boot… being able to monitor IT advancements is one of the big advantages of hiring a firm like ours.

As part of our ongoing IT vetting process, we have assessed a number of Kaseya products in the last couple of years. Without being too specific for not wanting to drive the stiletto too hard at this moment in time, there were definitely some warning signs that key details were being missed.

Massive Business Challenges Remain

It will be interesting to see how Kaseya simply survives this high-profile event.

In the short-term, there is the issue of the $70 million ransom the hackers are demanding to release the stolen data.

Next, every MSP client of Kaseya must be exploring a move to a competitor this morning, but a systemic transfer of that kind is no overnight project. If those MSPs don’t move, however, their end clients will wonder how their IT provider can stay put — or how they can continue to work with, and have confidence in, an MSP that won’t leave Kaseya.

Maybe all of this can be fixed with a little P.R. and a lot more of what matters — actual cybersecurity investment and restructuring. Only time will tell.

For those end clients who don’t want to wait and need help getting away from Kaseya, contact us not only for a special offer for Kaseya clients only, but a simple 3-step, 3 week plan to provide a port in a storm for your network and data.

Read more

Podcast: SD WAN for the Home Office

As a primer for our upcoming webinar on June 25th (Register), we conducted a short interview with VergX COO, Chris Chirico, about SD WAN and how it’s not just for the office anymore. VergX is the technology partner solution which powers Cynexlink Enterprise SD WAN and the new Cynexlink Home SD WAN.

Has a key employee lost his or her home internet connection at a critical moment due to heavy demand on the home wifi? Don’t let that problem plague your team any longer.

You can learn more by listening to our roughly 10-minute conversation right here:

Now, companies of all sizes can use this fast-growing solution to secure, manage and prioritize the flow of data — even in employees’ home environments! This is truly a simple, cost-effective game changer for savvy organizations to utilize.

And again, be sure to join us at 10am PDT on June 25th for a full, free webinar presentation regarding all SD WAN can do:

Enjoy the podcast above and we hope to see you on the 25th!

Read more

Useful Tactics to Protect Against COVID-19 Cyber Scams


Coronavirus (COVID-19) isn’t just a growing threat to public health – it’s also a growing threat to your company’s cybersecurity.

From using scary subject lines to adopting faux official letterhead, bad actors are scrambling to use the climate of fear and disruption caused by COVID-19 to their advantage.

Disasters, emergencies, and global pandemics provide a target-rich environment for cybercriminals to launch phishing attacks and employ other dirty tricks to gain access to your data.

It only takes one staffer opening a bogus email, clicking on a dangerous link, or downloading a malware-laden attachment for them to succeed.

Here are three ways that you can act immediately to prevent a potentially disastrous Coronavirus-related data breach.

1. Plan, Preserve and Protect

Use expert guidance from agencies like CISA to prepare your organization for risks posed by COVID-19.

Is your cybersecurity plan adequate for the unique challenges presented by increased virtualization if your staff is quarantined or working remotely for safety?

Two-factor authentication and other tools like VPN help keep your organization’s data and systems safe, even when workers aren’t in the office.

2. Trust but Verify 

Get updates about COVID-19, scams and frauds related to the Coronavirus pandemic, and its impact on cybersecurity from trusted, official sources.

  • Encourage your staff to only use vetted information for planning and communications.
  • Be wary of any email with a COVID-19-related subject line, attachment, or hyperlink.
  • Avoid sharing or clicking on social media posts, text messages, or IMs offering Coronavirus information, vaccination, treatment or cures.

3. Make Prevention a Priority 

  • Refresh every staffer’s training on how to spot phishing scams and online fraud.
  • Remind your staff that government agencies will never ask for sensitive personal, financial or business information via email.
  • Reinforce that clicking on links or opening attachments from unfamiliar sources is a quick way for scammers to infect your systems with malware.
  • Employee Security Awareness Training and Phishing Simulations can help make sure that your staff is ready to spot and defend against attack.

Constant vigilance against cyberattacks is a smart strategy for any business.

In these uncertain times, we’re happy to be your trusted source for the tools and strategies that you need to keep cybercriminals out of your business.


Read more

Beyond IT: Fed Bailout May Cover Your Payroll for 4 Months

We’re IT guys, of course, but we wanted to pass along information from a different domain in case you didn’t see it.

Early this morning on CNBC, a host reported on an element of the Senate bailout package which companies with fewer than 500 employees will want to be aware of. That host said Larry Lindsey, former director of the National Economic Council, called this measure the “big bazooka” of the bailout package.

Here are the key elements:

  • Section 1105 of the bailout bill will provide small business loans to cover payroll
  • Covers employees earning up to $100,000/year
  • Loans are forgiven if a company maintains its payroll for 4 months

In short: for small businesses which can avoid making cuts to personnel, it looks like the Feds will pay those qualifying employees for you.

There’s a bit more info in this article from Politico: (scroll down to the section titled “Small Businesses: $300 Billion”).

While there are more details to learn about, the points above hit the highlights. And this legislation, which is the 3rd in a series of bills (two have been signed) in response to COVID-19, still needs to be married to the equivalent House bill that’s taking shape.

Still, it just seemed to be a possible fit for so many of our clients that we wanted to share this information with a wider audience.

Again, we’re in IT so this doesn’t constitute tax/payroll advice, consult your financial professional, yada yada… all the necessary disclaimers. But hopefully this is of some help or interest.

Last thing, while we’re at it: keep in mind that because of the lag in discovering new COVID-19 cases, the numbers will undoubtedly get much worse over the next couple of weeks. This widely-read article describes that lag well: While the numbers in that article are now out of date, the reasoning isn’t, and it’s fascinating.

However, that lag also means that the strict measures we’re all taking, like social distancing, are having an impact. They’re undoubtedly having a big impact right now – we just won’t see it in the data for two or three weeks.

The economic damage is real. You have hard calls to make regarding your employees and your business. But have confidence that better days are coming in terms of virus/new case statistics – and they may be coming sooner than we can imagine in this moment.

Hang in there and have a safe weekend,

Read more