Ransomware Attacks Cloud Service Provider Insynq; MSPs Impacted
Insynq has suffered a ransomware attack. The cloud services provider (CSP), which works closely with MSPs (managed IT service providers) and accounting firms, experienced the ransomware attack on July 16.
Update July 22: Insynq statement on disaster recovery effort.
Original Story from July 18: As of today, the company still does not know when certain systems and data will be restored. Insynq’s Web chat service on July 18 said support personnel were “currently away and will respond upon return.”
Updated July 19, 4:40 p.m. ET: The company’s support page as of July 19 states:
“**iNSYNQ experienced a ransomware attack on 7/16/19 perpetrated by unknown malicious attackers. The attack impacted data belonging to certain iNSYNQ clients, rendering such data inaccessible. As soon as iNSYNQ discovered the attack, iNSYNQ took steps to contain it. This included turning off some servers in the iNSYNQ environment. This effort was made to protect our clients data and backups.
iNSYNQ continues to engage cyber-security experts for assistance and are working as quickly as we can to restore access to all impacted data.We are not withholding backups. We simply cannot safely access them at this time. We’re working diligently to ensure backups are available to you once we have addressed the underlying problem.
We are taking extreme measures to get your data and environments back up and running as soon as possible. To manage expectations, it is unlikely that we will be able to accomplish this today.
We’ll continue to follow up as we have more clarity on the situation.**
**Please note: the maintenance scheduled for Friday July 19th-20th has been cancelled for 3.x MSP customers.**”
Ransomware: Desktop as a Service, Hosted QuickBooks Hit?
Insynq offers a range of mission-critical services to MSPs and certified public accountant (CPA) firms. The offerings span desktop as a service (DaaS) and hosted accounting applications like QuickBooks and Sage.
MSSP Alert has not confirmed which specific applications were hit, and how many MSPs and accounting partners have been impacted. We’ve reached out to the company for comment, and will update our coverage if/when MSSP Alert has more details to share.
Numerous MSPs and CSPs have suffered ransomware attacks in recent months. The fallout has included:
- An MSP paying hackers $150,000 to unlock data;
- hackers specifically targeting MSP software platforms to launch ransomware attacks; and
- Ryuk ransomware hitting a CSP that works closely with MSPs.
FBI Warns MSPs of Ransomware Attacks
The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks and the associated data risks.
Amid those challenges, the MSP industry (spanning technology companies, service providers and more) could soon face a “crisis of credibility” if the market doesn’t take major steps to more effectively mitigate ransomware threats, cyberattacks and associated fallout, ChannelE2E and MSSP Alert believe.