Cybersecurity experts called for companies including Kaseya—the remote computer management software provider whose customers were exposed in a major ransomware attack this past weekend—to stop encouraging users to take security shortcuts.
In the attack, hackers affiliated with the REvil group, known for demanding $11 million from meatpacker JBS in an earlier attack, infected thousands of victims’ computers around the world through remote managers of local business IT systems, demanding a total ransom of $70 million.
Experts say malicious hacks like these can be aided by widespread use of security shortcuts that are encouraged by some software service providers. Kaseya, a provider of remote software updates and other services to between 800,000 and 1 million end-users, instructs customers to disable antivirus and other security applications’ ability to scrutinize and possibly raise alarms about Kaseya’s trusted software updates. That practice, experts say, weakens a layer of protection designed to detect suspicious code such as REvil’s.
“As a security professional, any software that recommends I disable my security software right away generates red flags in my mind and gives me a queasy feeling in my gizzard,” said Richard Forno, assistant director of the Center for Cybersecurity at the University of Maryland, Baltimore County.
Forno says the increasing popularity of “software as a service,” or SaaS, means customers are potentially admitting a constant stream of unchecked data into their computers without stopping to check…