Cybersafety Connections December 2021 Vol #48  

  • Beware this December 2021 holiday season, for scammers and fraudsters abound.
  • Log4j security flaw may be pervasive on the internet.  
  • Kronos ransomware attack crippling payroll processing for some workers.  

Beware December 2021 and the holiday season  

At yourcybersafetyadvocate.cpa, 2021 was spent on the cybersecurity landscape, keeping up to date on cyberattacks that were on the rise due to digital transformation and the work-from-home (remote/hybrid) workforce brought on by the pandemic. This pattern of cyberattacks has not abated. This holiday season, the bad actors and cyber criminals are not taking a break. So, beware of scammers and fraudsters online and offline. In December 2021, we have two notable cybersecurity incidents.  

Log4j Security flaw  

Log4j was developed by the Apache Software Foundation, a nonprofit that has also developed other open-source software. Log4j is Java-based software that large organizations use to configure their applications. It is a popular logging library used online, and it gives software developers a tool to build a record of activities that is used for troubleshooting, auditing, and data tracking. Because the library is open-source and free, it touches every part of the Internet. Big companies like Apple's cloud computing service, security firm Cloudflare, and one of the world's most popular video games, Minecraft, among many other services, run Log4j, according to this article.  

Issue  

A critical flaw has been identified in the Log4j software that has implications for much of the internet, developers, and users! This incident happened the week before Christmas, and it was reported that hackers were already trying to exploit the vulnerability, with as many as 100 hacking attempts per minute occurring, according to security firm Check Point. Sophisticated threat actors may try to cash in on this security flaw.  

Microsoft warned last week that state-backed hackers from China, Iran, North Korea, and Turkey had already tried to take advantage of the Log4j security flaw.  

How Bad is it?  

This flaw may give hackers access to a company's server and to other parts of its network. Not only that, it is hard to identify the vulnerability or to detect whether a system has been compromised.  

There was also a second vulnerability found in Log4j.  

What can be done?  

The Apache Software Foundation released a security fix for organizations to apply.  

The onus is on companies to act as well.  

Minecraft quickly published a fix after announcing the vulnerability was found in a version of its game.  

Big companies like IBM, Oracle, AWS, and Cloudflare have notified customers, and some are pushing security updates or putting out their plans for possible patches.  

To minimize misinformation, CISA (Cybersecurity and Infrastructure Security Agency) plans to put up a public website showing a list of companies affected by the vulnerabilities and how hackers have exploited them.  

Individuals and small-to-midsized businesses can protect themselves by being on the lookout for company notifications about updating devices, software, and apps, and by installing those updates.  

Going Forward  

The U.S. government, for its part, issued a warning to impacted companies to be on the alert during the holidays for ransomware and cyberattacks.  

Kronos Ransomware  

Up next is Ultimate Kronos Group, one of the largest human resources companies, which was impacted by a ransomware attack. Hackers targeted Kronos, a software company responsible for payroll processing for both public and private sector customers, including the city of Cleveland, New York's Metropolitan Transportation Authority (MTA), Tesla, and MGM Resorts International. Kronos also works with many hospitals across the country.

The Issues  

The crippling ransomware affected payroll systems for several workers. Kronos noted that its systems were down and could be down for several weeks. The ransomware impacted the Kronos Private Cloud solutions, which store data for several of Kronos's services, including UKG Workforce Central, which workers use for tracking hours and scheduling shifts. Some employees are unable to access the payroll systems.  

Apart from the payroll issue, there is a data privacy issue relating to employee information that may have been stolen by hackers, such as names, addresses, and the last four digits of Social Security numbers.  

The Fix  

Kronos took action to investigate and mitigate the issue, alerted affected customers, informed authorities, and is working with top cybersecurity experts.  

Employers made backup plans to pay employees using paper checks.  

With regard to data privacy issues, Kronos stated it is investigating and working diligently to determine what customer data may have been compromised.  

Meanwhile  

The Kronos ransomware attack came on the heels of the Log4j security flaw, and Kronos had not confirmed whether the cyberattack is linked to it. All the company did was put up a notice on its website warning about the impact of Log4j and describing its emergency patching efforts to mitigate the security flaw.  

2022  

This is the last publication for the year 2021. We will be giving a rundown of 2021 in the new year and what to expect in 2022.  
