
Fixed Error at the Heart of the Revenue Spree Ransom


On April 1, researchers from the Dutch Institute for Vulnerability Disclosure identified the first of seven vulnerabilities, all of them easy to find and some of them dangerous, in an IT management system called Virtual System Administrator. By April 6, they had found 2,200 vulnerable systems and disclosed their findings to Kaseya, the company behind the VSA. Kaseya patched four of the seven in the days and weeks that followed, but three remained. What happened next is one of the biggest ransomware attacks in history.

On July 2, just days before DIVD’s 90-day disclosure deadline for Kaseya, attackers affiliated with the ransomware gang REvil used one of the three remaining VSA vulnerabilities together with another flaw, ultimately spreading malware to some 1,500 businesses and organizations worldwide. Kaseya did not ignore the remaining bugs. It continued to work with the Dutch researchers to fix them, just not quickly enough to avoid the worst.

“I believe they are trying very hard,” said Victor Gevers, DIVD chief executive. “They were compiling a list of jobs, hiring new security professionals, hiring foreign security companies, monitoring secret sources, monitoring how they work, actually working in security. But it happened at the same time.”

Kaseya’s spokesman declined to comment on the matter, citing the company’s investigation into the incident. Since July 2, however, the company has said repeatedly that the remaining patches are being prepared for release. About a week after the attack, this had not happened.

This is not to say that Kaseya has been lazy in responding to the attack. The company quickly shut down its cloud offering as a precaution and began actively urging customers running on-premises VSA servers to do the same to limit the impact. The number of VSA servers exposed on the open internet dropped to about 1,500 on July 2, fewer than 140 as of July 4, and 60 as of today.

But while having fewer vulnerable servers online helps contain the ransomware campaign, it does not help victims whose systems are already locked.

“Kaseya had the opportunity for many years to deal with a situation that could not be compared to that which allowed REvil to destroy its customers,” said Katie Moussouris, founder of Luta Security and a longtime vulnerability researcher.

Vulnerability disclosure programs and bug bounties such as those offered by Kaseya are a necessary tool, says Moussouris, for companies looking to strengthen their digital security. But these programs may not provide adequate security if the company does not also invest in internal security and staff.

“We can’t afford to redeem one program at a time,” says Moussouris.

Many companies are less responsive and less cooperative on vulnerability disclosures than Kaseya was. But the managed service providers that use Kaseya’s software are known, high-value targets for ransomware; Kaseya itself tried to raise awareness of this issue in 2019. Given how long the flaws went unpatched, and especially given how easy they were to find, it was possible that someone else would find them.

The consequences of the Kaseya attack are still playing out. REvil claims to have hit more than a million machines in the campaign, but the attackers appear to be having a difficult time collecting payments from victims. The group has demanded tens of thousands of dollars in ransom from multiple targets but also offered a blanket ransom of $70 million. It then lowered the blanket ransom to $50 million. The group’s contact door has also been supported.


