Kronos System Ransomware Attack

Yupo

The Living Force
FOTCM Member
This happened yesterday. I learned about it today, the 15th (payday for State employees). The swipe and timekeeping systems were down where I work. Payroll is down for the state (direct deposits). Worse than I thought, as it appears to be a huge company with many international clients. Just in time for Christmas.
 
I'm concerned that any digital payment systems are vulnerable. This of course includes Entitlements in USA, like Social Security, EBT cards, military pensions, etc. Maybe even government medical payment systems to hospitals and other entities might be at risk. Somehow I think the payments in the other direction (IRS) will continue.
The good thing that might come from this is a widespread distrust of eBanking and cards, throwing a wrench into the progression of any plan towards a universal digital currency. And anyway, if the grid collapses, it is all gone.
 
Will add this here as well, although I don't think the two are related on a technical level. My company had to take several systems offline to apply patches because of it.


"A VULNERABILITY IN the open source Apache logging library Log4j sent system administrators and security professionals scrambling over the weekend. Known as Log4Shell, the flaw is exposing some of the world's most popular applications and services to attack, and the outlook hasn't improved since the vulnerability came to light on Thursday. If anything, it's now excruciatingly clear that Log4Shell will continue to wreak havoc across the internet for years to come."
 
This guy explains the Log4J vulnerability well. It's quite a technical video, but some interesting points are that this has potentially been a vulnerability since 2013, has only just been announced on MSM recently (last Thursday) and it's unknown when it was first exploited.

From what I understand, it's possible to remotely run code on some web-based servers, as the logging system that will register a search, for example on Google, will not only store the search term, but in some cases if the search term is code, will execute the code on the inside.

 
A locate log4j on my Linux/Ubuntu shows several programs that might use the lib. 8 Editors/IDEs, 2 atom packages (using log4js which I don't know if it's compromised, it probably doesn't have the java lookup features). At this point I would not want to run any Java. What if I open Android Studio or Netbeans and they look for updates or fetch some new list of community/user addons or whatever and someone created and uploaded an addon with malicious code in its name or description?

I find it hard to believe this is a 'design flaw'. This is the kind of stuff you would try to inject into open source projects. 2 unrelated features that can interact in such a way. Someone knew IMHO.
 
