Let鈥檚 set a scene that鈥檚 all too familiar to those of us who work in cybersecurity.
It's the Friday afternoon before the Fourth of July weekend. So far, things are quiet. You鈥檙e excited for the long weekend, fireworks and barbeques.
But then, the unthinkable happens, and all hell breaks loose. Ransomware strikes your entire customer base. Not one, not two鈥攂ut your entire client base.听
You feel yourself go numb. Then, you鈥檙e at a standstill for the next two minutes as you process the nightmare that just landed on your doorstep.
So, what鈥檚 next?聽
This nightmare scenario was an unfortunate reality for Robert Cioffi, COO and co-founder of .
On July 2, 2021, hackers launched a cyberattack on Kaseya鈥檚 VSA, which affected approximately 50 managed service providers (MSPs).听
The REvil ransomware group launched an attack that spread from the MSPs to between 800 and 1,500 businesses worldwide, leaving them virtually paralyzed.听
Progressive Computing was one of the victims of the attack on the Kaseya VSA RMM tool. Hackers installed ransomware across their entire client base, simultaneously affecting 2,500 endpoints across 80 clients with 200 physical sites in four different time zones.听
We hosted a webinar with Robert, where he candidly shared his team's story from the last year, providing his perspective on what went through his head leading up to and following the attack. It鈥檚 an incredible story of how they were able to fight through a mass-scale attack and emerge even stronger.听
We won't spoil the entire story for you鈥攊t's a good one and one worth hearing firsthand. But, we鈥檒l share some key takeaways that Robert offered to any MSP that finds itself in the same stressful situation.
With no formal incident response plan in place, Robert and the Progressive Computing team were desperately trying to find a fix. But how do you begin to fix something when you don't even know what the actual fix is?聽
He credited the core values and the culture his team has built as their saving grace. But he urged others to learn from the mistakes Progressive Computing made and reasoned that even a half-baked plan is better than nothing.听
However, the right response plan can make or break how you handle cyber incidents, so we recently met again with Robert and our panel of MSPs and experts to discuss the ins and outs of incident response planning (you can watch that full webinar here).
As Robert says in the webinar, the first step any MSP should take in the event of a cyberattack is to contact their cyber liability insurance provider.
With attorneys specializing in these kinds of circumstances, they will be your first responders in helping you begin to navigate these situations.听
Robert warns of using the 鈥淏鈥 word, breach, because of the legal implications the word carries. Often, it鈥檚 better (and less legally scathing) to use words like incident or event.
As Robert began to guide his team through what seemed like an impossible situation, he reflected on the core values of Progressive Computing. Those values are
Robert knew that by coming together as a team and remembering their core values, they would find their way through鈥攏o matter what.
A major point of emphasis from this story is the need for a peer group鈥攁聽 community you can lean on when if find yourself in situations like these.听
We鈥檙e all about community at 杏吧传媒, so we were quick to reach out and offer our services to help Robert and his team navigate through this attack.听
The best part? We weren't alone in offering help! What started as a couple of business owners and their staff showing up to help Progressive Computing turned into a wave of people offering support. With this community, Robert and his team were able to come out on the other side.听
But this led Robert to a new question: 鈥淚t got me thinking, how do we create a system so that any MSP can break the glass in case of emergency?鈥
Enter the Volunteer Response Corps.
With the Volunteer Response Corps, there is truly light emerging from darkness. Robert explains that this organization will be a 鈥渇or us, by us鈥 group of MSPs that work together to help others in their time of need. It鈥檚 a clear way for the MSP community to unite and fight back against these savvy attackers.
Robert detailed how this organization came to fruition in the webinar.听
In the Progressive Computing story and many others like it, we see the triumph of community. Their story (and so many like it) is why we felt compelled to develop The 杏吧传媒 Neighborhood Watch Program, which we designed to provide MSPs with practical programs and resources to raise the security level for the entire cybersecurity community.听
杏吧传媒 partner or not, these resources are available to all!
Get insider access to 杏吧传媒 tradecraft, killer events, and the freshest blog updates.
