
The Kaseya ransomware attack is a major wake-up call for businesses worldwide. In July 2021, a devastating cyberattack struck hundreds of companies, causing widespread disruption and financial losses.
Kaseya's VSA software was compromised, allowing hackers to spread the ransomware through its network. This attack was not a traditional ransomware attack, but rather a supply chain attack that targeted Kaseya's customers.
The attack affected over 60 countries, with many businesses forced to shut down their operations temporarily. This highlights the importance of having robust cybersecurity measures in place, especially for companies that rely on third-party software.
Kaseya's response to the attack was swift, with the company working closely with law enforcement and cybersecurity experts to contain the damage.
Additional reading: Patelco Credit Union Cyber Attack 2024
What Happened?
On July 2 at 2:00 PM EDT, Kaseya CEO Fred Voccola announced a potential attack against the VSA that had been limited to a small number of on-premise customers.
The company immediately took action, urging clients to shut down their VSA servers out of an abundance of caution because the attacker had shut off administrative access to the VSA.
If this caught your attention, see: Arkane Studios Shut down
Customers were notified of the breach via email, phone, and online notices.
Kaseya's Incident Response team investigated the breach, and the vendor proactively shut down its SaaS servers and pulled its data centers offline.
By July 4, Kaseya had revised its thoughts on the severity of the incident, calling itself the "victim of a sophisticated cyberattack."
Cyber forensics experts from FireEye's Mandiant team, alongside other security companies, were brought in to assist with the investigation.
Explore further: Oil Futures Drunk-trading Incident
Impact and Recovery
Kaseya's recovery plans have been in full swing since July 4, with the company focusing on communication, patch plans, and security measures. They've developed a phased recovery plan, prioritizing SaaS customers followed by on-premises customers.
The plan includes removing lightly-used legacy VSA functionality, implementing enhanced security monitoring, and enabling Web Application Firewall (WAF) capabilities. This is being done to mitigate the attack and prevent future incidents.
Kaseya has also published an updated timeline for restoration efforts, with SaaS servers expected to be relaunched on July 6. Configuration changes to improve security will follow, including an on-premise patch expected to land within 24 hours of SaaS servers coming back online.
Consider reading: Customers Bank Cfo
Timeline and Impact

On Friday afternoon, Kaseya was alerted to a potential attack involving a remote management software called VSA, and within an hour, it shut down access to that software in an effort to stem the attack's spread.
The attack had already knocked out at least a dozen IT support firms that rely on Kaseya's remote management tool by Saturday.
By Saturday, US officials said they were tracking the attack.
Kaseya's chief executive, Fred Voccola, said it's hard to gauge the full impact of the attack, but he was not aware of any nationally important organizations being compromised in the attack.
Up to 1,500 businesses around the world have been compromised, including dentists' offices, small accounting offices, and local restaurants.
Around 50 of Kaseya's customers that use the on-premises version of VSA had been directly compromised by the attack.
President Joe Biden said in a press briefing over the weekend that, while officials are still investigating the source of the attack, the United States could retaliate if the Russian government is involved.
Here's an interesting read: Cyber Insurance Fast Track Kaseya
Recovery Plans
Kaseya has moved on from analyzing the attack to recovery and patch plans.
The company is communicating its phased recovery plan to its SaaS customers first, followed by on-premises customers.
Kaseya will be publishing a summary of the attack and its mitigation efforts.
Some legacy VSA functionality will be removed as a precaution, with a list of affected features outlined in the release notes.
Enhanced security measures are being implemented, including FireEye monitoring of SaaS servers and improved WAF capabilities.
External security experts have reviewed Kaseya's code to ensure a smooth service restart.
Here's a breakdown of Kaseya's recovery plan timeline:
Initially, Kaseya planned to restore VSA with "staged functionality" to speed up the process.
However, the first release will prevent access to certain features used by a small fraction of users, including Classic Ticketing, Classic Remote Control, and User Portal.
Kaseya has published an updated timeline for its restoration efforts, with SaaS servers expected to come back online on July 6 at 4:00 PM EDT and 7:00 PM EDT.
Configuration changes to improve security will follow, including an on-premise patch, which is expected to be available within 24 hours of the SaaS servers' return.
Broaden your view: Publicly Traded Saas Companies
Customer Response
Kaseya's customer response is built on a robust platform that enables rapid issue resolution. This platform is powered by VSA, a cutting-edge remote monitoring and management tool.
Kaseya's support team is available 24/7 to address any technical issues that may arise. They can be reached through phone, email, or live chat.
Kaseya's extensive knowledge base is a valuable resource for customers, providing detailed guides and tutorials on how to use the platform. This resource is updated regularly to reflect any changes or updates to the system.
Kaseya's customer response team is highly trained and experienced, with a deep understanding of the platform and its capabilities. They can provide expert guidance and support to help customers get the most out of their investment.
See what others are reading: Good Human Resource Management
Attack Details
The Kaseya attack was a sophisticated cyberattack that hit the company's VSA product, potentially affecting thousands of businesses.
The attack was carried out by the Russian-speaking ransomware group REvil, who encrypted customer files and demanded a $70 million payment.
If this caught your attention, see: Crypto Dusting Attack
Kaseya first reported the security threat on Friday afternoon and initially estimated that only a small percentage of customers were affected, with a total of 40 worldwide.
However, cybersecurity researcher John Hammond of Huntress Labs estimated that at least 1,000 or more small businesses or organizations were compromised due to a ripple effect of managed service providers (MSP) that may have been affected as well.
The company recommends that on-premises customers keep their VSA servers offline "until further notice" and not click on any links sent from attackers.
Here are some key statistics about the attack:
The FBI and a computer forensics firm are working with Kaseya to investigate the attack, and the Cybersecurity and Infrastructure Security Agency (CISA) is also taking action to understand and address it.
VSA Overview
Kaseya's VSA product is a remote support software that offers a range of features, including session recording, remote access/control, and remote monitoring & management.
One of the key features of VSA is its ability to provide real-time monitoring and control, allowing IT teams to remotely access and manage customer systems. This feature is particularly useful for troubleshooting and resolving technical issues.
VSA also includes collaboration tools, such as surveys & feedback, which enable IT teams to gather information from customers and improve their support processes. Additionally, the software includes reporting/analytics, which provide valuable insights into customer systems and help IT teams make informed decisions.
Here are some of the key features of VSA:
- Session Recording
- Remote Access/Control
- Remote Monitoring & Management
- Unattended Access
- Access Controls/Permissions
- Collaboration Tools
- Surveys & Feedback
- Reporting/Analytics
- Real-Time Notifications
- File Sharing
- Screen Sharing
- Session Transfer
- Diagnostic Tools
- Chat/Messaging
- Real-Time Chat
- Real-Time Monitoring
- Troubleshooting
Softwareworld's Choice of VSA
At Softwareworld, we've chosen a Virtual Storage Appliance (VSA) that truly stands out from the rest. Our top pick is VMware vSAN, a robust solution that's perfect for virtualized environments.
vSAN offers a scalable architecture, allowing you to grow your storage capacity as your needs evolve. This is especially important for businesses that expect rapid growth.
One of the key benefits of vSAN is its high performance, which is made possible by its use of flash storage and intelligent caching. This results in faster storage access and improved application responsiveness.

VMware vSAN also provides advanced data protection features, including erasure coding and replication. These features ensure that your data is safe and secure, even in the event of a disaster.
With vSAN, you can manage your storage infrastructure from a single console, making it easier to monitor and maintain your storage environment. This is especially useful for IT administrators who need to manage multiple storage systems.
In terms of cost, vSAN offers a cost-effective solution that's competitive with other VSA options. Its pay-as-you-grow pricing model means you only pay for what you need, when you need it.
Overall, VMware vSAN is an excellent choice for businesses that need a reliable, high-performance VSA solution. Its scalability, performance, and cost-effectiveness make it an ideal choice for virtualized environments.
Check this out: LG Energy Solution
VSA Overview
The VSA product, a software developed by Kaseya, offers a range of features to manage IT infrastructure. It includes session recording, remote access/control, and remote monitoring & management capabilities.

One of the key features of VSA is its ability to provide real-time monitoring and alerts, allowing IT administrators to stay on top of their systems. This feature is particularly useful for detecting potential issues before they become major problems.
VSA also includes a range of collaboration tools, such as surveys & feedback, reporting/analytics, and real-time notifications. These tools enable IT teams to work more efficiently and effectively.
Here are some of the key features of VSA:
- Session recording
- Remote access/control
- Remote monitoring & management
- Unattended access
- Access controls/permissions
- Collaboration tools
- Surveys & feedback
- Reporting/analytics
- Real-time notifications
- File sharing
- Screen sharing
- Session transfer
- Diagnostic tools
- Chat/messaging
- Real-time chat
- Real-time monitoring
- Troubleshooting
These features make VSA a powerful tool for IT administrators, allowing them to manage their systems more effectively and efficiently. By leveraging these features, IT teams can reduce downtime, improve productivity, and enhance overall system performance.
Worth a look: Wetransfer Features
Support and Licensing
Kaseya offers comprehensive support to ensure you get the help you need, whenever you need it. 24x7 Support is available, so you can reach out at any time.
You can contact Kaseya through various channels, including Email, Phone, and Chat. If you prefer to find answers on your own, the Knowledge Base is also available.
For those who prefer a more self-sufficient approach, the Knowledge Base is a great resource to explore.
You might enjoy: Base Erosion and Profit Shifting
Support
Support is a crucial aspect of any software or service. With remote support software, you can get help 24x7 through various channels.
One of the most convenient ways to get support is through remote access, where a technician can access your computer to troubleshoot issues. This is especially helpful when you're experiencing technical difficulties that you're not familiar with.
Another way to get support is through email, phone, or chat. Many software providers offer these channels to ensure that you can get help in a way that's most comfortable for you.
If you're experiencing issues, you can also check the knowledge base for solutions. This is a great resource for common problems and can often provide a quick fix.
If you're unable to find a solution in the knowledge base, you can always reach out to support through various channels, including email, phone, or chat.
For your interest: Issues in Retirement Security
Licensing & Deployment
In terms of licensing and deployment, you have several options to consider. Your software can be proprietary, meaning it's owned and controlled by you, or you can choose a cloud-hosted solution.
The proprietary option gives you full control over your software, but may limit its accessibility and scalability. On the other hand, cloud-hosted software can be more easily shared and accessed by multiple users, but may raise concerns about data security and ownership.
You can also opt for an on-premise deployment, where the software is installed and hosted on your own servers. This can be a good choice if you need to meet specific security or compliance requirements. Alternatively, you can choose a web-based solution, which can be accessed through a web browser and does not require installation on individual devices.
In terms of device compatibility, your software can be designed to run on a variety of platforms, including iPhone, Android, Windows, Mac, and Linux. This can be a major advantage if you need to support users with different operating systems.
Here are some of the deployment options in more detail:
- Proprietary: owned and controlled by you
- Cloud Hosted: accessible through the internet, may raise concerns about data security and ownership
- On-Premise: installed and hosted on your own servers
- Web-Based: accessed through a web browser, does not require installation on individual devices
- iPhone: designed to run on Apple devices
- Android: designed to run on Android devices
- Windows: designed to run on Windows operating systems
- Mac: designed to run on Mac operating systems
- Linux: designed to run on Linux operating systems
Frequently Asked Questions
What company owns Kaseya?
Kaseya is owned by a consortium of private equity firms, primarily Insight Partners and TPG. Its ownership structure is complex and involves multiple investors.
Who is the CEO of Kaseya?
Kaseya's CEO is Rania Succar, who was appointed to lead the company's next phase of innovation and growth. She brings new leadership to the company as of June 3, 2025.
Featured Images: pexels.com

