These so-called supply chain ransomware attacks are particularly nasty. By compromising the manufacturer of the software, the hackers can then hijack the legitimate distribution systems and turn approved software into a Trojan horse for further attacks on the customer’s data and systems.
Common security defenses, such as application whitelisting, are ineffective as the application is actually supplied by the software vendor, and will happily pass through the usual application approval processes.
Whilst we have never used Kaseya here at Bluescale, it has historically been a great tool – one we considered using back in our early days. Many MSPs here in Australia would be using it, and we empathize with their pain, and the pain of their customers today. Hopefully, with US Government Security Agencies now involved, the situation can be resolved without further data loss.