Datto CISO encourages all MSPs to use RMM Endpoint Assessment Tool to detect intrusion attempts and protect against future attacks
Norwalk, CT – December 21, 2021 – Datto Holding Corp. (“Datto”) (NYSE:MSP), the leading global provider of cloud-based software and security solutions purpose-built for delivery by Managed Service Providers (MSPs), is encouraging all MSPs to download a free script that it has developed and made available on GitHub for any Remote Monitoring and Management (RMM) solution. This Endpoint Assessment Tool can uniquely enumerate potentially vulnerable systems, detect intrusion attempts, and inoculate Windows systems against Log4j attacks.
On December 10, a serious zero-day vulnerability in the Apache Log4j logging framework was disclosed. The bug, which allows malicious actors to exploit vulnerable systems remotely, has been given the highest severity score, and governments globally have issued alerts. Within the critical 24 to 48 hour period following the disclosure of the vulnerability, Datto first declared its products safe for use. Datto immediately began sharing active threat intelligence with the MSP community about attacks it observed to help MSPs understand the Log4j threat and how it was being exploited.
Datto packaged quality contributions from the security community into an MSP-friendly form and released two different versions of an Endpoint Assessment Tool to help Datto partners and all MSPs detect and respond to potential exploitations. The adoption of the component created for Datto RMM has been utilized by almost 50% of all Datto RMM partners, which represents millions of scans of endpoints by MSPs for vulnerabilities at client-sites that are small and medium businesses.
“The adoption rate of the Datto RMM component tool has been tremendous, with half our Datto RMM partner base utilizing it to scan protected endpoints. I’m hearing from partners that they finally feel empowered to respond to this emerging threat with this tool,” said Ryan Weeks, Chief Information Security Officer at Datto. “From a community defense perspective, we want to make effective response tools broadly available to help every MSP in the channel to become more secure and to withstand cyber attacks. It is a chief priority at this time to encourage all MSPs to take advantage of the tools we’ve made available in Datto RMM and on GitHub to protect themselves and their clients. RMMs offer a key systems inventory and response capability that makes it easy to view, manage, and secure your endpoints during critical events.”
Unlike other scanners, scripts, and tools made in the wake of Log4Shell, which only scan the system for insecure JAR files, Datto’s tool goes a step further. It provides the ability to search the contents of server logs to detect intrusion attempts as well as inoculate Windows systems against Log4j attacks.
Weeks continued, “During this critical time, I am pleased to see there has been some great information sharing and that we are really coming together as a community. However, the Log4j response is going to require diligence for weeks to come as more vulnerabilities are released, as nuances in the mitigations are understood, and as exploits evolve.”
Weeks provides the following advice for MSPs:
- Update all Java applications which use Log4j
- Restrict outbound network access from affected hosts so Java classes can not be downloaded from remote locations
- Talk to your vendors about their posture with regards to Log4j and how they are assessing their own vendors (known as fourth-party risk)
Stay up to date on guidance from Datto at datto.com/blog for tools that mitigate and remediate cyber events and industry-standard best practices to proactively maintain an advanced security posture to meet today’s emerging threats.
As the world’s leading provider of cloud-based software and security solutions purpose-built for delivery by Managed Service Providers (MSPs), Datto believes there is no limit to what small and medium businesses (SMBs) can achieve with the right technology. Datto’s proven Unified Continuity, Networking, and Business Management solutions drive cyber resilience, efficiency, and growth for MSPs. Delivered via an integrated platform, Datto’s solutions help its global ecosystem of MSP partners serve over one million businesses around the world. From proactive dynamic detection and prevention to fast, flexible recovery from cyber incidents, Datto’s solutions defend against costly downtime and data loss in servers, virtual machines, cloud applications, or anywhere data resides. Since its founding in 2007, Datto has won numerous awards for its product excellence, superior technical support, rapid growth, and for fostering an outstanding workplace. With headquarters in Norwalk, Connecticut, Datto has global offices in Australia, Canada, China, Denmark, Germany, Israel, the Netherlands, Singapore, and the United Kingdom. Learn more at www.datto.com.
Shoba V. Lemoine