We all know the story, we go to work, we clock in, we do our jobs, we go home to our families - and we expect to receive pay for the hours we work, right? So, what happens if the company's payroll system is down? There's a hack, and your employer has become too reliant on it to come up with an immediate solution to pay its employees? - Well, in this week's video on Stan's Garage, we discussed a recent ransomware attack that left employees facing the consequences of their time tracking system being down - and ways you can prevent this from happening to YOUR information.
Just this last December, thousands of employers were faced with the harsh reality of being underprepared when its Human Resource and Payroll System provided by Ultimate Kronos Group, was hit with a ransomware attack that crippled it.
What is ransomware?
In short, it's when your software is held for ransom... no really.
A ransomware attack is a malicious software hack that infects a computer and prevents users from using it until a ransom is paid. Ransomware accomplishes this via encrypting files on the endpoint, threatening to delete files, or preventing access to the system. Ransomware attacks can be very harmful when they go against hospitals, emergency call centers, and other important infrastructures.
It may seem like something out of a sci-fi thriller, but it is far more common than you might expect. Attackers target these large corporations in the hopes of making a substantial profit, but they primarily harm the employees of these companies' clientele.
Attack on Kronos
Kronos payroll software was used by OhioHealth, one of the Kronos Group's 27,000 employers, to distribute paychecks. When the system was hit by ransomware, companies like OhioHealth had to come up with a variety of solutions to ensure their employees didn't miss any paychecks. However, the existing emergency system had flaws. Many OhioHealth employees claim they have been underpaid as a result of the problem.
One employee spoke out to say she was only receiving 70% of her pay despite working full-time. This happened because the emergency payroll system in place did not account for past pay. The employee at hand was previously on leave where she was receiving a percentage of her paycheck, but she returned to work prior to the software attack. This problem threatens the very livelihood of people who rely on their paychecks to pay the bills.
This incident is obviously a huge problem for Kronos and any affected employees. Not only is their software compromised, but many of their clients are left in the dark about when their systems will be restored. Is their reliability tainted by this kind of uncertainty? Could they have prevented this hack? Could anyone prevent it? Well there are definitely precautions you all should take.
As an employer, this can be pretty scary to think about, but there are some ways we can prevent ransomware attacks. We have come up with some pointers to help protect your data
7 tips that you can implement to help protect your data.
1. Back It Up
Obviously backing up critical data to recover from a ransomware attack is key. But there are a few points to consider. Protect and store you back-up files off-line or out-of-band to avoid attack. Regularly test backups. In an attack, check your backups for contamination before restoring.
2. Have a Plan
Make a ransomware response strategy so your IT security staff knows what to do. Define roles and share the plan. Include a list of contacts, such as partners or vendors. Do you have a "suspicious email" policy? If not, try establishing a firm-wide policy. This will help staff understand what to do if they receive an unknown email. Sending an email to the IT security staff may suffice.
3. Examine your Firewall Configuration
Many ransomware strains use common, exploitable services for communication. Consider if your organization needs to leave these ports open, and who can connect. For both on-premises and cloud scenarios, block unnecessary services by collaborating with your cloud service provider.
4. Make sure your endpoints are more durable.
Assure that your systems are secure. Ensuring that your organization's configuration settings are secure can help reduce the attack. Businesses seeking to implement industry-leading, consensus-developed configurations may consider the CIS Benchmarks. I'll talk about those in a future video.
5. Be Up to Date
Regularly upgrade your organization's operating systems, apps, and software. Applying the latest updates help to close security holes targeted by attackers. Turn on auto-updates to get the newest security patches.
6. Involve the Staff
Ransomware attacks stop through security awareness training. Everyone benefits from knowing how to recognize and avoid fraudulent emails. Team members can learn what to check for in an email before clicking a link or downloading an attachment. You can see my video about Security Awareness on this channel.
7. Set up an IDS
An Intrusion Detection System (IDS) compares network traffic data to known malicious activity signatures. A good IDS will regularly update signatures and inform you if it finds suspicious activity.
To sum this all up, no one wants their company to succumb to a ransomware threat. It can leave employers left in the dark and employees stuck dealing with the consequences. When it comes to all cyber security threats, it's important that we take precautions.
Being aware of these threats is sometimes half the battle. With all this in mind, backing data up and having an emergency plan can be crucial steps for any employers to take.
Contact our IT experts today to find out more about protecting yourself against ransomware attacks. We’re happy to suggest the best solution for your needs and set it up, too.
Click here to schedule a free 15-minute meeting with Stan Kats, our Founder and Chief Technologist.
STG IT Consulting Group proudly provides IT Service in Greater Los Angeles and the surrounding areas for all of your IT needs.
We look forward to meeting with you!