The Kaseya Attack Effect

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Quick Guide to Your Google Workspace Transition

Google Workspace

G Suite to Google Workspace Transition is Happening Now

According to Google support, “Now is the time to transition your customers’ G Suite Basic and G Suite Business subscriptions to Google Workspace. Beginning February 1, 2023, Google will automatically transition your customers once they are eligible.”

In October 2020, Google announced the transition of its productivity platform from G Suite to Google Workspace.  More than a simple branding change, the Google transition includes significant changes to your subscription options, features/functions, and pricing.

Big Picture of the Google Workspace Transition

  • Google Workspace has two subscription tiers: Business and Enterprise
    • The Google Workspace Business tier offers three subscription options: Business Starter, Business Standard, and Business Plus
      • You may mix and match subscription types within the Business tier based on user and group needs
      • You total user count (licenses) cannot exceed 300
    • The Google Workspace Enterprise tier offers two options: Enterprise Standard and Enterprise Plus
      • You may mix and match subscriptions within the Enterprise tier
      • You have no limited on the number of user licenses

Read more about Google Workspace Plans and Pricing.

Impacts of the Transition From G Suite to Google Workspace

Vault

As part of the repackaging, Google Vault is no longer available as an add-on.  G Suite Business subscriptions and G Suite Basic subscriptions with Vault as an add-on, will need to move some or all of their users to Google Workspace Business Plus.  At standard pricing, this means a price increase from $11 or $12 per user per month up to $18 per user per month.  For businesses that need Vault for regulatory or industry compliance, this increase in unavoidable.

License Counts

From companies with more than the 300 users, Google is forcing a move to the Google Workspace Enterprise tier.  While Google offered a grace period allowing companies with more than 300 users to transition to Google Workspace Business subscriptions for up to 3 years, the offer has expired and is not expected to return.

The impact is a standard price increase from G Suite Basic and G Suite Business at $6 and $12 per user per month, respectively, to $20 per user per month for Workspace Enterprise Standard.  As noted, below, we can help with Google Workspace transition incentives and discounts to help mitigate the increase.

Storage

Workspace Business Standard and Workspace business Plus have 2TB and 5TB per user, respectively. This storage is pooled and available to all users, reducing the likelihood that specific users will need additional storage space.  While rare, some businesses running G Suite Business with unlimited storage are above those limits.  This will also become an issue over time for some businesses, particularly those that work with large files, such as CAD, images, and video.

Big Incentives

Working with Google, we are able offer incentive and discounts for transitioning from G Suite to Google Workspace.

  • Incentives and discounts are greater if you transition before your annual renewal date
  • Greater discounts exist if you are willing to commit to a 2 or 3 year term, instead of a 1 year term
  • Incentives change quarterly and, generally, become less generous over time, so reach out to us for details and your specific options
  • We will work with Google to address any unique requirements and circumstances

Incentives and smart subscription and license planning will save you money and mitigate any cost increase related to your G Suite to Google Workspace transition.

Your Next Steps for the Google Workspace Transition

  1. Check out our Quick Guide – Google Workspace Transition that covers migration paths and the impact on features and costs.
  2. Contact us to discuss and map out your transition from G Suite to Google Workspace, or use schedule a brief call with one of our Cloud Advisors directly.


Google Drive for Desktop Unification

In February 2021, Google announced the unification of the two existing Google Drive sync clients. The Backup and Sync and Drive File Stream agents will merge into a single client called Google Drive for desktop. This unified sync client provides a consistent experience for anyone who uses Drive for business, education or personal purposes.

Starting July 19, 2021, Backup and Sync will support a guided flow to help users transition onto Drive for desktop.

We recommend a managed deployment.  Deploy Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021. Any users still on Backup and Sync after that point will receive in-product notifications prompting them to transition to Drive for desktop.

Impact and Timing

Backup and Sync will remain available through October 2021. Any users still on Backup and Sync after that point will no longer be able to sign in to Backup and Sync. To continue syncing with Drive and/or Google Photos, users will need to transition to Drive for desktop.

To understand what’s changing, please see Google’s support article.

If any end users in your organization are currently using both Backup and Sync and Drive for desktop (not very common), they will be automatically prompted to consolidate their sync client usage onto Drive for desktop in July 2021.

Next Steps

If you require or prefer a controlled deployment, we recommend deploying Drive for desktop to your users currently on Backup and Sync and encouraging them to complete the guided flow onto Drive for desktop before August 18, 2021.

Please contact us if we can help you

  • Determine the number of users running Backup and Sync
  • Communicate with users about the change, or
  • Help manage your users’ transition

Assistance is covered under our Admin Service and Premium Service offerings, and is available as a stand-alone project.