CertNZ warns NZ users of Kaseya VSA to shut it down

7:27 pm on 3 July 2021

CertNZ is warning New Zealand organisations using Kaseya VSA software to manage their IT infrastructure they may be at risk of an attack by a Russian-based ransomware.

Hands on laptop writing code or using computer virus program for cyber attack

Photo: 123rf

The cyber security watchdog says the Florida-based company has reported some of their customers using the remote management and monitoring software have had their devices encrypted by REvil ransomware.

In a statement on its website, CertNZ is urging all Kaseya VSA users to shut it down until further notice.

Kaseya has clients and partners in New Zealand.

American cyber security company Huntress Labs said the hack targeted Kaseya before spreading through about 200 - and rising - corporate networks that use its software.

Kaseya provide IT management software for Managed Service Providers (MSPs) and small to mid-sized businesses (SMBs) - inkling clients and partners in New Zealand.

Kaseya has previously publicised its links to New Zealand-based CodeBlue and other AustralasianIT companies, including BigAir, Datacom, eNerds, Leap Consulting, Surety IT and Ricoh Australia.

CodeBlue said it was confident will be no impact or risk to its more than 300 customers across New Zealand. Its investigation had shown no indication of an issue or any compromise on its network and no suspicious or abnormal activity.

*This article has been updated to include a statement from CodeBlue 

  • US companies hit by 'colossal' cyber-attack
  • Waikato DHB yet to contact patients whose data was published online after cyberattack
  • The rise of cybercrime and NZ's fragmented response
  • Dealing with cyber criminals: Some NZ businesses 'feel they have no choice but to pay'
  • More hackers trying to exploit systems for money - CERT NZ