A patch for on-premises customers of the VSA product that was the source of a widespread ransomware attack since Friday is currently going through testing and validation.
The Kaseya board determined the company was not ready to begin the rollout of restoration of its software-as-a-service VSA remote monitoring and management tool following the ransomware incident. That decision appears to delay the release of a patch for on-premises clients.
In the latest update following a widespread ransomware attack that hit managed service providers, Kaseya announced that its executive team would meet Monday to discuss bringing the software-as-a-service VSA remote monitoring and management tool back online. The company also said Monday would be the day it disclosed a timeline for the release of a patched on-premises VSA product.
According to a company update Saturday night, Kaseya only received a single report of a new infection Saturday from a client who left their VSA server on.
The flurry of ramsomware attacks starting Friday, targeting on-premises Kaseya VSA applications, are particularly frightening to managed service providers, because they strike at software at the center of the enterprise: the remote monitoring and management (RMM) platform.
Ransomware attacks leveraging a zero-day in the on-premises Kaseya VSA remote IT management product started Friday afternoon and struck dozens of managed service providers and thousands of those MSPs customers. As one cyber expert noted: "I don’t think I have seen a ransomware gang use a 0-Day in an attack before."
