Tuesday, December 14, 2021

Kronos HR Management Platform hit by Ransomware

Kronos hit with ransomware, warns of data breach and 'several week' outage
The HR management platform has already informed major customers, like the city government of Cleveland, about the attack.

Kronos's software is used by many major corporations and local governments. Its many clients include Tesla, the City of Cleveland, and hospitals and universities including Clemson, Temple and Winthrop University Hospital. The clients use Kronos work management software.

The ransomware attack has compromised employee information including names, addresses and social security numbers.

Worst of all, the outage is going to cause many to miss payroll this week. Not a pleasant thing during the holiday season.



These researchers wanted to test cloud security. They were shocked by what they found.

Cybersecurity researchers set up a tempting cloud honeypot to examine how cyber attackers work.

Cloud computing has become ubiquitous in business today. The problem is that many companies bring the same lax password requirements and slack security to it. Recently, cybersecurity experts at Palo Alto Networks set up a honeypot of 320 entry points around the world. A "honeypot" is similar to a sacrificial lamb and is meant to attract cybercriminals.

The honeypot was designed with weak passwords, using default passwords that shipped from the factory, information readily available online. The honeypot was made up of common remote services, misconfigured to attract malicious actors.

And it wasn't long before cyber criminals discovered the honeypot and looked to exploit it -- some of the sites were compromised in minutes while 80% of the 320 honeypots were compromised within 24 hours. All of them had been compromised within a week. 

"The speed of vulnerability management is usually measured in days or months. The fact that attackers could find and compromise our honeypots in minutes was shocking. This research demonstrates the risk of insecurely exposed services," said Jay Chen, principal cloud security researcher at Palo Alto Networks. 

