We are continuing to monitor the situation surrounding the Kaseya VSA cyberattack, and are providing guidance to help our partners monitor and protect against it, as well as offering support to Kaseya and the community in general.

• The active monitoring and investigation of all of our products and systems show no sign of this ransomware variant.
• We have modified recently published Kaseya scripts to help N-able partners identify the VSA agent and check for related malicious files based on the MD5 hash available for download:
  • RMM : https://success.n-able.com/kb/nable_n-central/Kaseya-Endpoint-Detection-Tool-RMM
  • NC : https://success.n-able.com/kb/nable_n-central/KaseyaendpointdetectiontoolNC
• As always, we recommend that our partners employ best practices to help safeguard against this type of attack to include:
  • Keep MFA engaged
  • Deploy all patches in a timely manner
  • Utilize antivirus and endpoint detection and response
  • Only allow approved traffic and block any suspicious activity

For the latest information from Kaseya, please visit: https://www.kaseya.com/potential-attack-on-kaseya-vsa/

We take the security of our partners very seriously, and will continue to be vigilant in our monitoring and investigations, and will provide updates as needed.

Additional Resources: https://www.n-able.com/resources/the-big-book-of-layered-security-ebook-2021-edition