An outsourcing service provider responsible for the transfer of British prisoners between prisons, courts and other facilities has been impacted by a cyberattack on a third-party solutions provider.

In an updated statement to the London Stock Exchange on Wednesday, Microlise Group Plc – a provider of SaaS-based transport tech solutions to fleet operators – confirmed that hackers may have accessed employee data but said it is “confident that no customer systems data has been compromised.”

Microlise had first alerted the world to a cyber security incident on Thursday 31 October 2024, but has now said it is “pleased to say that it is making substantial progress in containing and clearing the threat from its network.”

Microlise cyberattack

“The Company has been bringing services back online and currently expects this to continue over the coming days with the services essentially back to normal by the end of next week,” the firm told the stock exchange.

“Investigations into the incident are continuing, however, the Company is confident that no customer systems data has been compromised,” it added.

But it admitted that some employee data has been compromised.

“The investigations to date have identified that some limited employee data has been impacted by the incident,” said the firm. “Those individuals that may have been impacted will be notified in line with the Company’s regulatory obligations and the relevant authorities are being made aware including the Information Commissioner’s Office in the UK.”

Microlise said that as matters currently stand, it remains of the view that this incident will not have a material adverse impact on its forecasts or financial position.

But the knock-on effects have had an impact beyond Microlise itself.

Serco impacted

Among its customers is outsourcing service provider Serco, which operates prisoner escort services for the UK’s Ministry of Justice.

According to the Financial Times newspaper, Serco staff were informed on Monday that “vehicle tracking, panic alarms, navigation and notifications related to estimated arrival times” were disabled due to the Microlise incident.

Despite this, officials reportedly regard the incident as having no operational impact on the British prisoner escort service.

There is also no indication at the time of writing that the hackers had specifically targeted Microlise in order to hamper or interfere with Serco prisoner transportation services, but the incident does highlight the risks posed by cyberattacks on a third-party supplier.

Another example of this came in September 2023, when British high-security fencing supplier Zaun confirmed it had suffered a “sophisticated cyberattack” that compromised data belonging to the UK’s Ministry of Defence (MoD).

No excuse for not securing

Jake Moore, global cybersecurity advisor at ESET, noted that incidents affecting sensitive operations like prison transport serve as a reminder that outsourcing should not relieve businesses of the responsibility of securing their operations. Companies should implement better due diligence and contingency plans, including offline and manual safeguards.

“This incident once again highlights the critical importance of robust cyber resilience, but particularly for organisations managing sensitive operations such as prisoner transport,” said Moore.

“Relying on third party providers for essential services such as tracking and alarms is commonplace, but this attack serves up another reminder that outsourcing does not and should not relieve organisations of responsibility for securing their operations,” said Moore. “Companies need to continue to implement better due diligence and conduct regular security assessments of their supply chain to safeguard against such vulnerabilities.”

“Contingency plans, including offline and manual safeguards, should also be prioritised to maintain security and safety in the event of a cyberattack,” Moore concluded.

Rapid cyberattack remediation

Meanwhile, James Neilson, SVP International at OPSWAT, noted how rapid cyberattack remediation can help minimise the impact on critical services.

“Reports that Microlise’s vehicle tracking services, used by Serco, DHL, and others, were disabled further illustrate the impact of last week’s cyberattack,” said Neilson. “This highlights the need for organisations to enforce robust supplier security policies and validate the security posture of critical service providers to manage cyber risk.”

“As a trusted technology provider, Microlise’s role in asset tracking made it an appealing target for attackers,” said Neilson. “Cybercriminals increasingly understand that disrupting a single supplier can have far-reaching effects across multiple clients.”

“In an era of frequent, high-impact cyberattacks, only a co-ordinated approach that identifies risks and enforces controls across the digital supply chain – supported by strong cyber hygiene and resilient security measures – can prevent service disruptions and data breaches,” said Neilson.

“Quick cyberattack remediation can be the difference between significant impact on critical services or none at all,” Neilson concluded. “Here, delays meant that disabled tracking devices and panic alarms went undetected until a week after the attack.”

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
