Kaseya was aware of cybersecurity issues before the recent hack

Kaseya, whose VSA remote administration software was hacked earlier this month, has been alerted to security issues in advance, according to online sources. About it writes Bloomberg publication citing the words of former Kaseya employees.

Image: Chris Ratcliffe / Bloomberg

Between 2017 and 2020, Kaseya’s U.S. offices reportedly drew management’s attention to a variety of cybersecurity concerns between 2017 and 2020. However, such issues were usually not fully resolved. This was announced by several former Kaseya employees who were involved in the design and development of the company’s software. They wished to maintain confidentiality, since they had previously signed a non-disclosure agreement.

Some of the most obvious security issues include the use of legacy code-based software, the use of weak encryption and simple passwords in Kaseya products and servers, and failure to comply with basic cybersecurity rules such as regular software updates. A former employee of the company said that he sent management a 40-page document describing security issues in 2019 and was fired about two weeks after that. He assumes that he lost his job due to the fact that he studied the security issues of Kaseya software. Another former employee said the company rarely released patches for its software and kept customer passwords unencrypted on third-party platforms. Other former employees said that adding new features was a priority in Kaseya’s software development, not fixing existing problems.

Researchers from the Dutch Vulnerability Disclosure Institute (DIVD) notified Kaseya back in April of this year about numerous security issues in the company’s software. The institute’s specialists note that Kaseya has demonstrated a willingness to cooperate and a desire to rectify the situation. The company quickly released a patch, but by the time of the ransomware attack this month, not all vulnerabilities had been fixed.

As a reminder, the Kaseya service has become a ransomware distribution channel, which killed about 1,500 end users from around the world. The attack was claimed by hackers from the REvil group, who demanded a total ransom of $ 70 million from the victims of the malware for providing a universal decryptor.

If you notice an error, select it with the mouse and press CTRL + ENTER.


Source: 3DNews – все новости сайта by 3dnews.ru.

*The article has been translated based on the content of 3DNews – все новости сайта by 3dnews.ru. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!