
Has Ransomware Stolen Christmas?

December 29, 2021

According to Forbes, ransomware has cost organizations $102.3 million per month in 2021 and is expected to have cost the US economy $265 billion by 2031. These staggering figures show that ransomware attacks are extremely detrimental to businesses and organizations across the country—and the world. Stronger and more accurate cybersecurity is needed to combat the attacks.

Cybersecurity

The vast majority of IT leaders and teams claim that ransomware attacks are the worst form of cyberattack, as anyone can be a victim and the consequences are disastrous. As a result, experts from Threatpost listed the top 10 practices to protect data:

  • Prompt systems upgrades and software updates
  • Implement the 3-2-1-1 backup rule
  • Introduce the zero-trust model
  • Network segmentation
  • Endpoint visibility
  • Immutable and indelible storage
  • Rapid recovery
  • Regular tests and validation
  • Educate employees
  • Create a cyberattack playbook

Whilst these practices do not necessarily stop all ransomware attacks from happening, they can be used to slow down their progress, making life harder for cybercriminals.

The ransomware attack on Kronos

Ultimate Kronos Group (UKG) operates the Kronos Private Cloud and specializes in HR and workforce management. By logging the hours employees have worked, its systems are responsible for the payment of millions of paychecks. So, when they are under attack, the whole country knows about it.

Kronos Workforce Central contains a suite of workforce management solutions for attendance, time worked, absence management, and scheduling. As a result of the attack, many organizations are left without any records of how many hours their employees worked, or of how much money their employees are owed.

This latest ransomware attack on the payroll provider has left many employees worried that they may not get their holiday paychecks. Whole Foods has been forced to make its employees use a paper punch sheet to keep track of the number of hours they have worked. This shows the devastating effects that ransomware can have upon not just organizations, but individuals, as well.

Kronos has a wide variety of clients, such as the city of Cleveland, New York’s Metropolitan Transport Authority (MTA), Tesla, MGM Resorts International, Sainsbury’s, and Puma. Additional clients include hospitals across the country, including San Angelo, the Texan Shannon Medical Center, and many more.

Sainsbury’s, for one, has claimed that it has lost a week’s worth of data for its 150,000 employees, but that its staff will receive their payments before Christmas. This involves multiple departments working together, including HR, accounting, and payroll, to use historical data and previous work patterns to estimate how much employees have earned.

Initially, Kronos claimed that it had suffered a service disruption, and it wasn’t until the following day that it announced that it had been the victim of a ransomware attack. A company spokesman said that it could take several weeks to restore system availability and that the backups were also unavailable.

The Consequences

In addition to payroll concerns, Kronos warned the city of Cleveland that sensitive information had been leaked in the attack. This included employees’ names, addresses, IDs, and the last four digits of their social security numbers. While nothing has been released publicly yet, the very nature of ransomware suggests that the data could be released if the financial demand is not paid within the allotted timeframe.

This cyberattack happened just days after one of the worst zero-day bugs in history came to light. The Log4j vulnerability was recently reported, and Kronos initiated a rapid patching process. There is no current indication that there is a relationship between this and the ransomware attack. Kronos, however, is currently investigating the matter.

Experts claim that many smaller companies are being blamed for the payroll issues, with many believing that they should have backup plans instead of relying on Kronos completely. However, experts argue that these businesses have outsourced their payroll to a reputable company and that it is not their fault that this attack has happened.

Kronos is currently advising its clients to look for alternative methods of payroll until it fixes this situation. However, the fallout from the possible data breach has the potential to be far-reaching and create problems for millions of employees around the world.