Kaseya Had a History of Security Issues Before Ransomware Attack
8 hours ago
Software firm Kaseya had a history of security issues long before the latest one that allowed the biggest ransomware attack in history to occur.
Kaseya went from relative obscurity to being one of the most well-known software firms in the world, thanks to being ground zero for the worst ransomware attack in history. Kaseya makes software used for managed services. As such, it made for a prime target, since compromising its software would open the door to compromising all the companies that rely on its services. Indeed, as many as 1,500 customers were believed to have been impacted.
Jul 8, 2021 3:28 PM EDT
A slew of disruptive ransomware attacks have rattled the U.S., including the recent massive breach of software company Kaseya, and a reported attempted hack on the Republican National Committee. In the aftermath, both the corporate sector and U.S. government officials are scrambling to address how Congress and individual businesses should handle the growing threat.
“We’ve got a moment in time where you can’t ignore it anymore,” said Sen. Lindsey Graham, R-S.C., at a June 17 press conference to unveil legislation that would target cybercrime. Graham said cyber threats should be considered part of the nation’s core infrastructure.
AWS launches BugBust contest: Help fix a $100m problem for a $12 tshirt theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.
Rep. Ted Lieu, D-Calif., arrives on Capitol Hill on February 13, 2021 in Washington, DC. Lieu introduced a bill which would require vulnerability disclosures of fedreal contractors. (Photo by Stefani Reynolds – Pool/Getty Images)
Rep. Ted Lieu, D-Calif., will announce Tuesday a bill that would require all federal contractors to have a vulnerability disclosure program.
The Improving Contractor Cybersecurity Act draws inspiration from the Department of Homeland Securityâs Binding Operational Directive 20-01, which ordered federal agencies to develop disclosure programs.
ââAs we have seen with SolarWinds and now with USAID, every vendor is a potential threat vector. With this bill, we’re acknowledging that risk and making sure the federal contracting statute can meet our needs from a risk management standpoint,â Lieu told SC Media.