• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / July 8, 2021

Independence Day Holiday – Not So Fast

Well, that certainly did not last long. After a year of pandemic and far-reaching cyber attacks (Solar Winds, Microsoft Exchange, Colonial Pipeline, JBS), everyone was ready for a nice long holiday weekend. Then just like clockwork, another major cyber attack hit the supply chain.

This may sound like a lot of techie talk and you may think it doesn’t affect you. But it does.

Let’s start with some background. Many companies and organizations outsource their Information Technology (IT) management to a Managed Service Provider (MSP). This is more cost-effective and efficient than having an in-house technology department. An MSP usually provides these services for several customers. These services include network, applications, email, etc., and it is done remotely. This allows the MSP to manage the network and devices for the client company including pushing upgrades for software and operating systems to the client’s devices.

One of the technologies that some MSPs use is a tool called VSA from Kaseya. As a supplier of technology to MSPs, this makes Kaseya part of the “supply chain”. On July 2, it was discovered that cyber criminals utilized the VSA software to push malicious code and launch a ransomware attack.

The assessment of exactly how many clients have been affected is unclear. Estimates range from less than 50 to more than 70. That is, MSP’s that were affected. The number of downstream companies (i.e., those clients of the MSPs that use the VSA) is still unknown.

Back to how this affects you. Most organizations use at least some, if not all, outsourced IT services. The end customer (you) will never know – that is, until you get a notification from a company with whom you do business saying that your information has been compromised.

So who will help you? Look no further than your friendly neighborhood MSSP. What is that? It’s a Managed Security Services Provider. An MSSP operates similar to an MSP but the focus is on cyber security – protecting the IT services provided by the MSP.

Some MSPs expand their service offerings to include cyber security and become MSSP themselves. However, it’s not as easy as just adding a firewall or updating your anti-virus. Just because both fields work with computers does not mean that they are the same. They are parallel fields with very specific issues and solutions. Therefore, in many instances, the MSPs and MSSPs work cooperatively to protect their mutual clients.

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT