In order to fight against ransomware and their increasingly devastating effects in all sectors, the United States points to the insufficient security among big tech. The country is reportedly considering legislation that would hold tech companies liable if their practices or software pose excessive risks.
Big tech companies are currently in the crosshairs of the US government because of insufficient cybersecurity protocols. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), an agency of the United States Department of Homeland Security, claimed that poorly designed software and unsafe practices facilitate ransomware. This would notably have the effect of paralyzing sectors such as energy, food production, hospitals and schools.
According Bloombergshe specifically pointed the finger at Microsoft and Twitter, saying they should do more to get users to implement multi-factor authentication (MFA). With this service, in addition to their username and password, the user must provide at least one other piece of information, such as a one-time code, in order to be able to connect. This, while Twitter has just announced that the platform is paying for double authentication by SMS.
Apple cited for its best practices
Jen Easterly supports creating legislation to hold companies accountable if their products carry excessive risk. According to her, only a quarter of Microsoft’s enterprise customers, and a third of their administrator accounts, activate MFA. According to Twitter’s latest report, from 2021, only 3% of the platform’s users use MFA.
The CISA director, however, encouraged companies to follow Apple’s example. About 95% of iCloud users have enabled MFA because it is the default setting.