giant Ransomware attack against Kaseya It could have been completely avoided.Former employee Say to Bloomberg It is claimed that they repeatedly warned executives of Kaseya’s products of “serious” security vulnerabilities between 2017 and 2020, but the company did not really address these vulnerabilities. Many employees either resigned or said they were fired for inaction.
According to reports, employees complained that Kaseya used old code, implemented poor encryption, and even failed to patch the software regularly. The company’s virtual system administrator (VSA) is a remote maintenance tool that has become a victim of ransomware. It is presumed that it is full of enough problems and the staff wants to replace the software.
An employee claimed that he was fired two weeks after sending a 40-page safety briefing to executives. Others are just frustrated because they seem to be focusing on new features and versions rather than solving basic problems. Kaseya also laid off some employees in 2018 and instead outsourced work to Belarus. Given the partnership between local leaders and the Russian government, some employees believe this is a security risk.
Caseya declined to comment.
The company has shown signs of wanting to solve the problem. After Dutch researchers pointed out the vulnerabilities, it fixed some problems. However, it did not solve all the problems. Soon after, analysis companies such as Truesec discovered obvious flaws in the Kaseya platform. This is not the first time Kaseya has faced security issues. According to reports, the company’s software was used to launch ransomware at least twice between 2018 and 2019, and it did not reconsider its security strategy.
No matter how accurate the report is, Kaseya’s situation is not unique.Staff at Solar wind, Twitter And others described security vulnerabilities that were not fixed in time. Note that this will only make the situation worse. This shows that key parts of AOL’s infrastructure have become fragile due to negligence, and that these basic mistakes are all too common.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you purchase goods through one of these links, we may earn member commissions.