ConnectWise

ConnectWise, headquartered in the United States, develops and provides Automate, a software platform designed for centralized IT asset management. This service enables IT professionals to monitor and control computing resources across networks, serving a substantial user base of over 100,000 practitioners. The platform's functionality supports businesses in managing their technology infrastructure efficiently. Its widespread adoption underscores its role in the IT management sector. The company operates under the alias WiseConnect in some contexts. Automate's on-premise deployment model is a key aspect of its service offering.

In November 2019, ConnectWise faced ongoing ransomware attacks specifically targeting customers using on-premise installations of Automate. The attackers aimed to compromise servers and deploy ransomware across entire customer networks, highlighting a significant security vulnerability. ConnectWise responded by issuing a security alert that directed users to a support page for mitigation steps, but this advisory notably lacked technical specifics such as exploited ports or attack vectors. This omission led to public confusion and reports of contradictory guidance in the documentation. The incident was not isolated, as it followed previous ransomware campaigns against the platform, including one that exploited outdated plugins to distribute malware. The large-scale use of Automate by over 100,000 IT professionals amplified the potential impact of these security breaches, affecting a broad segment of the managed service provider market.