It has been reported that the root cause of the ongoing systems outage that is blighting thousands of contractors working for umbrella company Parasol is linked to “malicious activity” on its network, the company has confirmed. The outage is now entering its second week, with the company confirming in a statement on its website that its systems continue to experience “significant issues”, which, in turn, are delaying its ability to pay its contractors. The incident is also known to have affected two other firms, SJD Accountancy and Nixon Williams, which are part of the same group as Parasol and specialise in the provision of accountancy and tax advisory services to limited company contractors.
<p>News that the malicious activity is behind the ongoing system outages with Parasol Group provides little comfort for the group’s contractors who use Parasol’s MyParasol tool to submit timesheets and receive payments. The type of sensitive data that Parasol Group handles and processes is a prime target for threat actors, who can accomplish two separate goals at the same time with attacks like these: halt operations in an attempt to receive some sort of quick ransom payment, and also abscond with contractors’ sensitive information which hackers can use for ongoing nefarious activities.</p>
<p>While the details of this incident are still emerging, contractors are no doubt hoping that their most sensitive personal data was secured by more than just perimeter-based defenses, through more data-centric methods such as data encryption, tokenization, or format-preserving encryption. Data-centric security is crucial for any organisation that wants to follow the general rules of protecting sensitive data elements rather than just the borders around that data, and then keeping sensitive data in a protected state at all times within corporate workflows. Sensitive data should never be in a protected state only part-time—it should be a full-time situation.</p>
<p>The recent Parasol and Brookson breaches, that are impacting pay-cheque distribution and amounts, follow up on the ransomware attack on Kronos, which also impacted pay-cheques to NYC public transit workers, medical workers and Fedex and Whole Foods employees, amongst others. </p>
<p>While the root cause of the attacks has yet to be disclosed, Optionis (the parent company) has taken down all of the group’s online systems. These attacks highlight the interconnectivity of today\’s online and cloud environments; from supply chains and third parties, to shared business structures. Any company, from any industry, may find itself as the target of a breach. On the preventative side, today\’s hybrid environments that may include people and contractors working from home, on-premise data centres and cloud services and resources, require an architectural approach that provides every entity the same level of security and monitoring regardless of where it is located. On the responsive side, security teams and services need to have the ability to quickly identify and remediate such breaches without the need for long process that include data collection and correlation from multiple disjoint systems.</p>