Ransomware Banks on Payroll Firm – Highlights how Attack on Vendor has Direct Impact to its Customers

Created: Thursday, December 16, 2021 - 11:53
Categories: Cybersecurity, Security Preparedness

If you utilize UKG (formerly Kronos) for human resources needs (e.g., payroll, time and attendance), you are aware of the ransomware incident that befell them on December 11 and affected the Kronos Private Cloud (KPC). Likewise, if you weren’t already convinced that a cyber incident at one of your vendors/partners can have a direct negative impact on your internal operations, you are now. Hopefully, the impacted organizations had effective business continuity processes in place to react to this outage, which Kronos expects to last several weeks.

If your organization doesn’t use Kronos, you may feel like this incident is irrelevant. Nothing could be further from the truth. This incident is a perfect example of how a cyber attack can cripple mission-critical business processes, and it highlights the importance of vendor/third-party risk management and business continuity planning. People tend to get upset when someone messes with their paychecks, especially around Christmas, so it’s plausible that the threat actors may have been banking on that to pressure Kronos into paying. At this time, however, there has been no information disclosing any details about demands, who the threat group is, or what data (if any) may have been stolen.

The threat actors seem to have bypassed several best-practice controls that Kronos has implemented. According to Kronos, KPC is secured using firewalls, multi-factor authentication, and encrypted transmissions to prevent unauthorized access to its systems. We don’t yet know how the threat actor gained initial access, but this incident has thrust many organizations into processing payroll and time and attendance manually. An affected customer told BleepingComputer that they will now have to go back to using spreadsheets and paper and pencil to cut checks and monitor timekeeping for the time being, or the next several weeks. For more, visit BleepingComputer.