Are online payroll software systems secured from cyberattacks? This article discusses the importance of Cloud-based payroll systems to mitigate the second wave of cyberattacks. This attack has risen, with human error accounting for 52 percent of security breaches. Cybercriminals are becoming more adept at data stuffing, making human error much more likely. As organizations continue to implement cloud-based payroll software, they can rest assured that they are secure from cyberattacks.
Cloud-based payroll systems mitigate the second wave of cyberattacks.
The first cloud-based payroll system was not immune to a cyberattack earlier this year. Armor’s TRU team identified three payroll-related cyberattacks in the southeastern U.S.: a February ransomware attack on Atlanta-based Apex Human Capital Management; a March cyberattack on the Thomasville, Georgia, school system that nearly cost the school district $2 million; and an April 3 attack on the Tallahassee, Florida payroll department.
A recent attack on Kronos, a cloud-based payroll system provider, may have impacted some of Kronos’ customers’ ability to process employee paychecks. The ransomware has been credited to the hacker group. The hackers have released over 773 million unique email addresses and plain-text passwords from 240 payroll departments linked to the online payroll software representing various industries and sizes. In addition, the ransomware attacks may have compromised the personal information of individuals.
Human error accounts for 52 percent of security breaches.
A recent CompTIA study revealed that human error is the number one reason for data security breaches. Yet, while human error is one of the biggest concerns, it’s not necessarily a top concern among IT or general staff members. Only half of companies have a comprehensive security policy in place. So, why does human error account for 52 percent of security breaches? When asked about the most common types of human error, 42% said “end-user failure to follow policies and procedures,” 42% said “general carelessness,” 31% said “failure to stay up to date on new threats,” 29% said “lack of expertise with websites/applications,” and 26% said “IT staff failure to follow policies and procedures.”
We utilize a rising number of tools and services in our increasingly advanced and demanding work environments, and we have usernames, passwords, and other information to remember for each of them. When employees are not given alternate, secure options, they begin to take shortcuts to make their lives simpler.
Cybercriminals have become more skilled at data stuffing.
The number of reported data breaches rose by 40 percent in 2016, and the amount spent on information security rose to $73.7 billion from $67.1 billion in 2015. Of course, no business is safe from cybersecurity risks. Still, small business is twice as likely to fall victim to payroll fraud. Unfortunately, many small businesses do not invest in solid cyber protection. That’s where third-party organizations come in. They can help protect your company from the latest cybercrimes.
The FBI recently warned that online payroll accounts are a popular target for cybercriminals. The attack is usually accomplished with phishing emails that capture employees’ login credentials. Once they have this information, the attacker can manipulate the account settings to change the destination of direct deposits and prevent direct deposit alerts from being sent. The attackers can even use prepaid cards to access employees’ accounts and steal their personal information.
The global cybercrime ecosystem is growing in complexity. Petty cybercriminals can connect with bigger organized crime groups, which can download more advanced tools that bypass defenses and breach systems. These hackers also sell their skills to organized criminal groups, which can launch even more sophisticated attacks. The threat from malware strains like CryptBot is increasing due to this trend.