Service Status

Following the recent announcement of the Log4j vulnerability being identified, we have scanned all of our clients’ systems for any that may be susceptible to the exploit and where possible we have started rolling out updates to some commonly used applications that could be affected.

If your applications appear different visually after the updates and you need support, or you experience any technical issues, please contact our Support team as normal.

However as Log4j is used by a vast range of 3rd party software vendors, in most cases we will not be able to proactively remove the vulnerability ahead of the software vendor providing you with an update.  Where a software vendor provides you with an update and you would like our help to install it please contact our Support team as normal.

See here for more details of Log4j

We can confirm that The PC Support Group’s Kaseya VSA system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected – this has been independently verified by agencies in the US and Europe.

As a precautionary measure we took our Kaseya VSA offline and have now implemented the range of procedures and updates provided by Kaseya to address the original vulnerability and any other potential issues that have been identified by the various governmental agencies and security companies involved in the response. We have also completed our own internal tests.

We are pleased to report that we are now bringing the system back on line in a controlled manner meaning that we will phase out the use of our provisional support tools over the coming week and return to our standard methods of working.

Some clients may have been set up to use remote access functionality via the Kaseya VSA system as a temporary emergency home working measure on a complementary basis during the COVID isolation period. If you are still using this facility please contact our Support Team to discuss alternative permanent methods of remote connection as this functionality will unfortunately no longer be available due to the changes advised by Kaseya.

We can confirm that The PC Support Group’s Kaseya VSA system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected – this has been independently verified by agencies in the US and Europe.

On Sunday we completed rollout and implementation of the range of procedures and features provided by Kaseya in preparation for bringing our Kaseya VSA system back online.  We have this morning received Kaseya’s patch to address the original vulnerability and any other potential issues that have been identified by the various governmental agencies and security companies involved in the response.

In line with The PC Support Group’s policy on rolling out Kaseya patch updates, we will now commence our own testing of the patch provided with a view to us bringing it live after our testing criteria has been met.  We will fast track our testing process and provide further updates as we progress.

We can confirm that The PC Support Group’s Kaseya VSA system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected – this has been independently verified by agencies in the US and Europe. However, as a precaution, until we receive further instructions from Kaseya we will continue to keep the system off line.
Kaseya has developed and is in the process of preparing for rollout, a range of systems to protect against another attack. They have provided us with a set of procedures for us to carry out on our Kaseya VSA servers in preparation for them being brought back on line with the enhanced protections in place. In summary, the protections being provided by Kaseya and that will be implemented before our systems come back online include:

1. A software patch to resolve the specific vulnerability that was breached; as well as any other potential issues identified by the various governmental agencies and security companies involved in the response
2. Vulnerability scanning, to determine any unusual behaviour on their systems
3. A WAF (Web-Application Firewall) and CDN (Content Distribution Network) so no data/traffic accesses our VSA infrastructure directly without undergoing security analysis
4. A Security Operations Centre, monitoring every Kaseya VSA system worldwide to respond when unusual behaviour is detected, and the ability to centrally lock down and bring offline every VSA system rapidly in the event of a detection

Kaseya is bringing about these improvements after a ground-up review with the active involvement of the FBI and CISA in the US, and the equivalent European bodies; as well as third party specialist security consultancies who have reviewed their systems and infrastructure with an impartial and critical eye.
Kaseya will be providing further instructions to assist us with the implementation of all the above measures, and has stated that they are aiming for servers to start to be brought back on line from Monday 12th July.
In the meantime we will continue to provide our usual IT support using other tools where necessary.
Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels if they require help.

We can confirm that The PC Support Group’s Kaseya system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected. However, as a precaution, until we receive further instructions from Kaseya we will continue to keep the system off line.

Kaseya has developed a patch to protect against the recent attack but has chosen to delay bringing servers on line to enable it to apply additional protection. Kaseya has issued a set of instructions for us to carry out on our Kaseya VSA servers in preparation for them being brought back on line. We will be actioning these instructions throughout today.

Kaseya will then provide further instructions and has stated that they are aiming for servers to start to be brought back on line from Monday 12th July.

In the meantime we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels if they require help.

We can confirm that The PC Support Group’s Kaseya system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected. However, as a precaution, until we receive further instructions from Kaseya we will continue to keep the system off line.

Kaseya has developed a patch for Kaseya VSA servers which they hoped to deploy on their own cloud servers at around 10PM BST (5PM EST) yesterday as an initial controlled test. Unfortunately during that deployment they had some issues and so have delayed this. Kaseya states that they are working around the clock to rectify this issue and will provide an update later today.

In the meantime we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels if they require help.

We can confirm that The PC Support Group Kaseya system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected. However, as a precaution, until we receive further instructions from Kaseya we will continue to keep the system off line.

Kaseya have confirmed that they have developed a patch for Kaseya VSA servers which is currently going through a detailed testing and validation process.  They currently expect to go live with this patch on their own cloud servers at around 10PM BST (5PM EST) and will then monitor this for at least 24 hours before considering whether to release the patch to all Kaseya customers.

In the meantime we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels if they require help.

Following completion of our investigation we can confirm that The PC Support Group Kaseya system was not affected by the recent cyber-attacks. This in turn also means we can confirm that none of our clients’ systems will have been affected.

We are currently waiting for an update from Kaseya confirming what changes and/or additional security measures we should take before we can safely bring the system back online.

In the meantime we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels should they experience any issues.

Beginning around mid-day (EST/US) on Friday, July 2, 2021, Kaseya’s Incident Response team learned of a potential security incident involving their VSA software.

As The PC Support Group uses Kaseya to support our clients, we are currently checking our system although at this stage do not believe that we have been affected. However, as a precautionary measure we have temporarily taken our Kaseya system offline.

Whilst the system is unavailable our clients’ antivirus software will continue to operate and, if they have backup services with us, they will also continue to operate as normal as they do not rely on the Kaseya VSA system.

Most importantly, we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels should they experience any issues.

Some clients may have been set up to use our free remote access functionality as a temporary emergency home working measure during the COVID isolation period. If you are still using this facility, it will unfortunately be unavailable during the downtime of our system, but please contact our Support Team to discuss alternative permanent methods of remote connection.

Kaseya’s efforts have now shifted from root cause analysis and mitigating the vulnerability to beginning the execution the service recovery plan.

They are currently building our on-premises release of their software to make available to us and its other customers. They will begin the communication of the on-premises release process later today.

We will continue to work with Kaseya and only bring our system back on line when it is safe to do so and in the meantime we continue to support our clients.

Without publishing a resolution timeframe, Kaseya has begun the process of remediating the code and will continue to update us through the day.  Once done, they will first need to field test the changes.

We will continue to provide our usual IT support (resuming Monday 5/7/21 8:30) using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels should they experience any issues.

Whilst we are confident none of our clients have been affected, from Monday morning (5/7/21) we will be able to give instructions to our clients if they want to check and see for themselves.

We will continue to work with Kaseya and only bring our system back on line when it is safe to do so.

Information and advice remains as per our earlier updates.

Kaseya R&D has now replicated the attack vector and is working on mitigating it. They will inform PCSG of a resolution timeframe when they have thoroughly validated and tested the proposed solution.

Some clients may have been set up to use our free remote access functionality as a temporary emergency home working measure during the COVID isolation period. If you are still using this facility, it will unfortunately be unavailable during the downtime of our system, but please contact our Support Team to discuss alternative permanent methods of remote connection.

The PC Support Group team has been working with Kaseya to investigate the attack and at this stage do not believe that we have been affected. However, as a precautionary measure we have temporarily shut down our Kaseya system whilst further checks are carried out.

Whilst the system is unavailable our clients’ antivirus software will continue to operate and, if they have backup services with us, they will also continue to operate as normal as they do not use the Kaseya VSA system.

Most importantly, we will continue to provide our usual IT support using other tools where necessary.

Our clients should not experience any change and should continue to use their systems as usual and contact us via the normal support channels should they experience any issues.

We will continue to work with Kaseya and only bring our system back on line when it is safe to do so.

Beginning around mid-day (EST/US) on Friday, July 2, 2021, Kaseya’s Incident Response team learned of a potential security incident involving their VSA software.

Kaseya immediately notified us via email, in-product notices, and phone to shut down our VSA servers to prevent them from being compromised.

Kaseya then followed their established incident response process to determine the scope of the incident and the extent that their customers

While early indicators suggest that only a very small number of on-premises customers were affected, currently estimated at fewer than 40 worldwide, they took a conservative approach.

Investigation is ongoing and Kaseya believe that they have identified the source of the vulnerability. They will release that patch as quickly as possible to get our customers back up and running.