Workforce management and human capital management cloud provider Kronos recently became the target of a ransomware attack. The scale of the incident forced the company’s servers offline. Although the targeted infrastructure -the Kronos Private Cloud – was secured with firewalls, multi-factor authentication and encrypted transmissions, threat actors were still able to breach their systems.
The incident left multiple public and private sector customers reliant on its software with their own operational problems, according to The Stack.
Looking at the issue for Digital Journal is Nick Tausek, Security Solutions Architect at Swimlane.
According to Tausek the rogue elements were able to work their way around the security infrastructure of the firm, as he notes: “Kronos Private Cloud was secured yet cybercriminals were still able to breach and encrypt its servers. While it’s unclear exactly how the breach took place, Kronos predicted that their Private Cloud solutions would be unavailable for a number of weeks.”
Private cloud solutions (sometimes referred to as the ‘corporate cloud’) is a system that allows companies to architect a data center by using software-defined networking and virtualization. Under this type of system, all hardware and software resources are dedicated exclusively to, and accessible only by, a single customer.
Tausek notes that the extended shutdown presented challenges to the organization, as it would to any firm seeking to process pay, bonuses annual leave.
Tausek recommends that companies learn from the incident and put in place robust measures to prevent recurrence. Tausek states: “To lessen the chance of attacks like this happening in the future, companies should consider implementing one all-encompassing platform that centralizes detection, response and investigation protocols into a single effort and helps security teams automate certain tasks.”
He advises further: “By leveraging the power of low-code security automation, companies can respond to more alerts in less time, vastly decreasing the risk of a targeted ransomware attack without increasing the workload on security operations staff.”
Low-code software development is a well-established process that delivers applications faster than traditional approaches. The approach now forms part of the set of cybersecurity tools available to businesses. The automation part helps to address the continual issue where security teams are challenged to keep up with the deluge of tasks associated with security processes, impacting across the entire organization.