Lessons Learned from the Kronos Ransomware Attack

Lessons Learned from the Kronos Ransomware Attack

Workforce Management solutions provider, Ultimate Kronos Group (UKG), was hit by a ransomware attack, impacting its private cloud services, including Banking Scheduling Solutions, Healthcare Extensions, TeleStaff, and Workforce Central.

Kronos became aware of unusual activity impacting the Kronos Private Cloud (KPC) on Saturday, December 11th. Executive Vice President, Bob Hughes said in a post on Kronos’ Customer Support forum. Following the discovery, Kronos took immediate steps to mitigate the issue. Kronos notified the proper authorities and is currently working with cyber security experts to resolve the situation.

Kronos continues to advise customers to evaluate and implement alternative business continuity protocols to support their HR services (which we know is easier said than done). Kronos advised customers that it may take several weeks to fully restore systems support those services.

”We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation”, Hughes said.

Kronos is known for its cloud-based solutions for managing employee benefits, payroll, timekeeping, and more. Tens of thousands of businesses and government organizations worldwide use the solutions provided by Kronos. The Kronos Private Cloud (KPC) is secured using Multi-Factor Authentication, firewalls, and encrypted transmissions, but the bad actors were able to breach the systems and encrypt servers as part of the ransomware attack.

The ransomware attack may have compromised sensitive information like names, home addresses, social security numbers, and employee IDs. The Kronos attack is the latest in a series of ransomware attacks on organizations in 2021.

Lessons Learned from Ransomware Attacks

It’s obvious that ransomware attacks are on the rise, and they can have long-lasting consequences that impact every aspect of a business including customers, clients, operations, and brand reputation. Each year, more and more businesses and individuals need assistance responding to ransomware attacks. Each year, businesses learn more about the destruction of ransomware attacks and the importance of responding to and preventing such attacks.

Here are a few of the lessons that organizations can learn that can protect themselves from ransomware attacks:

• Patch and Update of Software and Applications
• Provide Employees with Security Awareness Training
• Ensure Proper Backups of Data

In the event of a ransomware attack that leaves your organization’s data encrypted, your last line of defense and restoration will be through the backups of your data. Some types of ransomware will successfully encrypt the backups of your data, so it’s crucial to ensure there is a working copy of your data.

Disaster Recovery in Cloud Computing

You should perform regular data backups, and your backups should be stored off-site physically or digitally in a cloud environment. You can protect your workload when disaster strikes by instantly accessing your systems with cloud-based recovery and restoring them anywhere. One of the greatest benefits of utilizing cloud storage is that when it comes to disaster recovery, resuming business functions is not only faster but less costly.

Disaster recovery in cloud services entails storing critical data and applications in cloud storage and having that information in a secondary location in case of a disaster that takes down your cloud services. Cloud services are provided on a pay-as-you-go basis and can be accessed from anywhere. Disaster recovery in cloud services can be automated, requiring little effort on your part.

We back up our client’s Office 365 and Gmail environments because we know that someday they may be down for a couple of days or they may not be able to restore something that went away after a cyberattack or natural disaster. We encourage other businesses to do the same. Even if you don’t have a backup button, you can occasionally do an export of your data.

For example, every Friday you can do an export of your Payroll data and save it to a local drive or your OneDrive. If one day your cloud solution does go down, you will be protected because you have saved your essential data by exporting it.

The goal of disaster recovery is to minimize the overall impact of a disaster on your operations. Disaster recovery for cloud computing services can do just that. After disaster strikes and your operations have been restored, you can lean on your cloud backups and restore your infrastructure and its components to their original state. You will reduce business downtime and service disruption will be minimized.

Protect your data before it’s too late.  If you have questions about responding to ransomware attacks or about how you can protect your cloud services through disaster recovery, contact us today.