Christmas bonuses could be delayed after HR and payroll giant Kronos hit by ransomware attack


Top American payroll service provider Kronos has suffered a major ransomware attack possibly caused by the increasingly notorious Log4Shell flaw. 

The company revealed an attack had taken down services using the Kronos Private Cloud - namely Kronos' UKG Workforce Central, UKG TeleStaff, and Banking Scheduling Solutions services.

“As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident,” wrote Kronos representative Leo Daley.

Weeks of delay

“At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud,” Daley added, further saying that it may take up to “several weeks” to restore system availability.

“We strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions,” Daley concluded.

Even though the company’s representatives did not confirm that the ransomware came as a result of Log4Shell, they did not deny it either, which has further fueled speculation.

Log4Shell

Log4Shell is the name of the recently discovered Log4j vulnerability, which is already being dubbed the most serious threat ever seen. It is a zero-day vulnerability in the popular Java logging library, with enormous potential for damage: it allows malicious actors to run virtually any code, and because the skill needed to exploit it is very low, experts are urging companies to patch immediately.

The flaw is being compared to the 2017 Equifax hack, where the personal data of almost 150 million people was exposed.

Organizations using Log4j in their software should upgrade immediately to the latest version, 2.15, which is available from Maven Central.
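As an added illustration of that advice (example code written for this article, not code from the page, Kronos or UKG): a small Python scanner that walks a directory for log4j-core JARs, reads the version Maven records inside each one, and flags anything below 2.15.0. The sample JAR builder at the end is a constructed stand-in so the scanner can be exercised without real artifacts.

```python
import io
import re
import zipfile
from pathlib import Path

# Constructed example, not code from the page or from Kronos/UKG. Maven records a log4j-core
# JAR's version in pom.properties; JndiLookup is the class whose lookup Log4Shell abuses.
POM_PROPERTIES = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
FIXED_VERSION = (2, 15, 0)  # the release the article says to upgrade to

def parse_version(text):
    """'2.14.1' -> (2, 14, 1); non-numeric suffixes such as '-rc1' are ignored."""
    nums = [int(m.group()) for m in (re.match(r"\d+", p) for p in text.strip().split(".")) if m]
    return tuple((nums + [0, 0, 0])[:3])

def inspect_jar(data):
    """Return (version or None, has_jndi_lookup) for the bytes of one JAR file."""
    version = None
    with zipfile.ZipFile(io.BytesIO(data)) as jar:
        names = set(jar.namelist())
        if POM_PROPERTIES in names:
            for line in jar.read(POM_PROPERTIES).decode("utf-8", "replace").splitlines():
                if line.startswith("version="):
                    version = parse_version(line.split("=", 1)[1])
        return version, JNDI_LOOKUP_CLASS in names

def is_vulnerable(version, has_jndi):
    """Anything below 2.15.0 is flagged; with no version recorded, fall back to the JndiLookup signal."""
    return version < FIXED_VERSION if version is not None else has_jndi

def scan_directory(root):
    """Walk root and return [(path, version, vulnerable)] for every log4j-core JAR found."""
    findings = []
    for path in Path(root).rglob("*.jar"):
        try:
            version, has_jndi = inspect_jar(path.read_bytes())
        except zipfile.BadZipFile:
            continue  # not a real JAR archive
        if version is not None or has_jndi:
            findings.append((str(path), version, is_vulnerable(version, has_jndi)))
    return findings

def build_sample_jar(version, with_jndi=True):
    """Constructed stand-in for a log4j-core JAR so the scanner can be exercised offline."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr(POM_PROPERTIES, f"artifactId=log4j-core\nversion={version}\n")
        if with_jndi:
            jar.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")  # placeholder class bytes
    return buf.getvalue()
```

Shaded JARs that repackage log4j-core under another name will not carry the pom.properties entry, which is why the JndiLookup class check is kept as a fallback signal.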

Kronos’ cloud services rely heavily on Java, the platform that Log4j is built on, Ars Technica reported.

Via: Ars Technica

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.