Ninja RMM partner used to seed ransomware

With great power comes great responsibility. We've heard that before, at least most of us nerds have, and this is true, of course, of the tools that we use to manage clients. Ninja RMM is a tool that I'm not deeply familiar with. It is a competing product to the ones we use. I've not heard anything really bad or good about it, but I'm positive they don't really like their name on a title unless it says "protected against ransomware." And this comes to that "with great power, great responsibility."

Ninja RMM said its tool was used to spread ransomware across multiple endpoints, and before you go into panic or the confusion that often comes with this wonderful headline: no, it's not a compromise in Ninja RMM. It's much less exciting. There wasn't, I don't have a clever hack to share with you. I don't have a "wow, this is amazing, this is a really interesting breach." It's actually kind of boring in terms of methodology. The methodology appears to be password guessing, and the folks at Huntress have (and I'll leave all this) on Reddit a good debrief on this.

Essentially, what appears to be happening here: people keep reusing passwords. And this is where I will blame Ninja, not for a security flaw in terms of a product flaw or a breach problem. It is a problem of they allow their users not to have 2FA, and if you can allow people to be lazy, they will. Unfortunately this happens in the MSP space, and I have had conversations with Kyle, who's a CEO of Huntress, before. There just needs to be better methodologies to help audit these MSPs, to help, you know, prevent this from happening, because the ultimate victims are not the MSP, who of course may or may not even survive this type of thing, because now their clients are encrypted, and their clients have now lost all trust in that MSP. So all the work they did in sales and everything else to build their client base now has a lot of angry client base, and it all comes down to the MSP was lazy, did not have two-factor
turned on, and that's what they discuss here. They believe it was part of a compromise that happened somewhere else, perhaps somewhere else in the channel partner network, as in some company that you had to set a username and password for. It may be not part of your tooling, may be not part of what you use on a daily basis like Ninja RMM, but maybe some other site, and people go, "Yeah, whenever I use my work password, this is what I use, blah blah blah," or some type of pattern for it. Because the hackers are able to get in with valid credentials, and of course without that second factor of authentication, it's kind of easy to get in.

And Ninja RMM, by choosing convenience over security and saying, yeah, we do fully support two-factor (Ninja RMM does; I was looking on their site, even though I haven't used it, and they talk about all the different methodologies for two-factor), they will also allow someone to not have it enabled. I don't find this acceptable. This is my position on this. I think companies should force more people. I know it's inconvenient. I know there's a marketing team going, "Come on, we've got to get this out there, we've got to have sales, we can't have users complaining, oh, it's too hard to sign up, or it's too hard to use because I've got to use this stupid little two-factor each time." That is a trade-off. You are dealing with a very powerful tool that allows remote management of lots of computers. The RMM tools that we use make it really easy to deploy software, deploy updates, manage computers at scale. So that same tool is quickly used against us if it is compromised and if you don't have two-factor.

SolarWinds a while ago forced us to use two-factor whether we liked it or not. I've been using two-factor forever with SolarWinds. It's not policy I have at my company top to bottom, but I know MSPs that do not, and it's really hard for businesses to make determinations on whether or not they have an MSP following the rules. And the reality is, security is a team sport. My goal is to raise awareness.
Hopefully, if you're in a position of power and you see something like this, you go, "Okay, it's time we do this. I realize we're not doing it," and you do it. Or if you're not in a position to make decisions, you're hopefully going to share this video and influence someone, or share this article, share these write-ups, and go, "Look, this is what happens to companies that choose convenience over security: potentially get compromised."

Now, I highly recommend not just turning on two-factor but not reusing passwords. This is one of the huge factors as well. I know people, and I've dealt with this even when I've done some consulting with MSPs. I want to pull my hair out because I find out they're using the same password all over the place, and I'm just like, stop that. If any one of these places gets compromised, they have keys to all of the kingdoms and all the different tooling that you use. So making sure you have unique passwords for everything, it's usually important. Password managers can really help with that, because yes, passwords are hard to remember. That's why tools like LastPass and several others exist.

So my advice is: turn on two-factor. Read through the debriefs if you want to know some of the details. There's also a link to an excellent YouTube video, which is a breach breakdown report previously done by Huntress. It's an excellent watch. Go through that; it's a good learning lesson on there. But it's one of those things, like, you need to be aware of these things if you're working in the MSP space. I'm driven nuts by people who get in just because, oh, there's money in this technology thing, but then they make shortcuts of convenience. Don't do that. Please, 2FA all day, every day. Don't make exceptions to that. We can't make it this easy for people to get in. And, you know, you work really hard on sales, you work really, really hard on building your client base. I don't know, the MSP will remain anonymous, but they may not remain at all. They may end up going out of business because just me their
clients who are finding out that they're encrypted and they have been CryptoLockered, and it was not their fault. It was actually the people they paid to protect them. That's where things get really scary. So it's going to destroy this company undoubtedly. Even if they have cybersecurity insurance, their survivability is low. So think about that as you're building out your MSP: start security from day one. By the time you grow the company and you've made these clear rules of everyone has to have it, your life will be better. I'll leave links to this, as I said, and stay secure.

All right, thanks for watching. If you want to hire us for a project that you've seen or discussed in this video, head over to LawrenceSystems.com, where we offer both business IT services and consulting services and are excited to help you with whatever project you want to throw at us. Also, if you want to carry on the discussion further, head over to forums.lorencsystems.com, where we can keep the conversation going.