Kronos Gets Pwned And Could Be Down For Weeks [UPDATED]

Kronos workforce management solutions provider has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks:

As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud—the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed. At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud.

We are working with leading cyber security experts to assess and resolve the situation, and have notified the authorities. The investigation remains ongoing, as we work to determine the nature and scope of the incident.

Their UKG solutions using ‘Kronos Private Cloud’ are unavailable due to a weekend ransomware attack on December 11th.

Ayal Yogev, CEO and Cofounder, Anjuna Security:

“We continue to see that even the most fastidious SaaS companies struggle to protect their business because today’s computing paradigm equates host access with unfettered data and process access.  A new generation of powerful secure computing technologies uncouple this dangerous link that is the enabler of so many breaches today.”

This isn’t a good look for Kronos as a lot of companies rely on their services. And they could go elsewhere which will cost the company both in terms of money, and to their reputation.

UPDATE: Eddy Bobritsky, CEO of Minerva Labs had this to say:

Ransomware attacks are becoming bolder and more sophisticated, using evasive malware techniques to get around regular EDR antivirus solutions. As we can see here, even with quick detection and immediate action, a small ransomware attack can result in damages that can take “up to several weeks to restore system availability”. This is why, despite its difficulty, it is important to start moving towards a prevention approach, rather than a detect and respond one.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: