Plaintext: One Year Since Kaseya

Welcome to Dark Reading in Plaintext, where each day we bring you insights around one topic important to cybersecurity professionals. This month marks the one year anniversary of the attack against Kaseya. What has changed in the past year? Let us know your ideas in the comments.

July marks the one-year anniversary of the?Kaseya attack , when the Russia-linked REvil ransomware-as-a-service group compromised the company via an authentication bypass to distribute ransomware. The attack is part of a growing trend of cybercriminals and espionage operators targeting the suppliers of administrative software used by companies to manage their environments. Previously, ransomware and nation-state groups had successfully compromised?remote-management provider SolarWinds ,?Ukraine-based accounting software M.E.Doc , and?system management software Piriform . In each case, malicious code hidden in a software update allowed the attack to spread to a large number of the vendor's customers. (Read more When Software Updates Get Hacked )

What has happened since?

• The ransomware attack against Kaseya highlighted threats against managed service providers. These attacks are also much harder to prevent, since they often exploit employees at the company who think they're performing everyday tasks like logging in to email. There are ways organizations can prepare themselves in a post-Kaseya world, writes Ashok Sankar, vice-president of solutions marketing at ReliaQuest. (Read more 3 Security Lessons Learned from the Kaseya Ransomware Attack )
• Kaseya reminded us that everyone in the ecosystem is a target, writes Deepwatch's Wesley Mullins. We have more heavily funded, more vastly staffed attackers pounding on our supply chains (and everything else). (Read more Getting Ahead of Supply Chain Attacks )
• A Ukrainian man was arrested for allegedly taking part in the ransomware attack on Kaseya. This man was arrested in Poland and is currently awaiting extradition the the United States.

Headlines on Tap

• The new SEC guidelines require public companies to notify the SEC within 96 hours of a material breach.
• The proposed SEC rules align cybersecurity with ESG (environmental, social, and governance) discussions.
• In a filing with the US Securities and Exchange Commission , T-Mobile said it would pay $350 million (or $4 per customer) to fund customer claims arising from last year's data breach.

Subscribe to get the latest headlines delivered to you each morning with Dark Reading Daily .

On That Note

The four finalists for the first-ever Innovation Spotlight has been selected: KeyCaliber, Normalize, Phylum, and Tromzo. These four will present their solution in front of a panel of judges on Aug. 10 in Las Vegas during Black Hat.

Source: David von Diemar via Unsplash