The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

ISS Update On The Impact Of Malware Crisis 

ISS provides update on the impact of malware crisis 
20 March 2020 | Updated 07 December 2021
 

In an official company announcement, ISS World has today confirmed that they have regained control of “the vast majority” of their IT infrastructure.

This update comes after contracted staff at Lewisham and Greenwich NHS Trust experienced issues with their pay, with ISS apologising about the “administrative error”.

The statement confirmed that neither the malware attack nor the payroll issue has affected on-site services: “The nature of our business is to deliver services on customer sites, mainly through our people, and as such we have been able to continue our service delivery uninterrupted to the vast majority of customers.”

Today’s press release suggests that ISS expects their business-critical systems to return to normal functioning during Q2 2020. Currently, the company says they have regained control of the “vast majority” of their IT infrastructure and are “systematically relaunching business-critical systems, albeit with somewhat reduced functionalities”. This includes central finance systems supporting payroll and invoicing. 

The process for restoring and rebuilding the system is expected to be completed by the end of 2020

 

"The nature of our business is to deliver services on customer sites, mainly through our people, and as such we have been able to continue our service delivery uninterrupted to the vast majority of customers. There is still no indication that any customer data or sensitive personal employee data has been compromised as a result of the malware attack."

–ISS Press Release

 

Financial impact

 

Here is a breakdown of the financial impact of the cybersecurity incident:

 

  • The incremental costs of the incident relate to: remediation of the IT incident, workarounds to enable the delivery of service to customers, duplication of costs associated with operating their contracts, and service underperformance as a consequence of system down-time
  • These costs are estimated to be DKK 300-500 million in 2020
  • The net incremental capital expenditure related to the rebuild is expected to be DKK 150-300 million in 2020
  • The rebuild of the IT infrastructure non-cash write-down is expected to be up to DKK 350 million
  • The net incremental capital expenditure related to the rebuild is expected to be DKK 150-300 million in 2020
  • The isolated, combined net negative impact on free cash flow related to the IT security incident is estimated to be DKK 450-800 million, with the majority of the impact in the second half of 2020 and some spill over into 2021

 

To read more about what FM can learn as a sector from the ISS World malware attack, click here

Article written by Ella Tansley | Published 20 March 2020

Share



Related Articles

ISS Now Recovered from 2020 Malware Incident

The effects of the ISS IT security incident have been resolved with all related costs fully recognised and with the majority paid in 2020, according to the...

 Read Full Article
Cybersecurity – Are Smart Buildings and its Data Vulnerable to Malware Attacks?

As more and more of a building’s functions are automated and controlled via smart technology systems, has cybersecurity been an afterthought? In 2020, Boris...

 Read Full Article
Working Securely Online – Cyber Hygiene

With more people working on the internet outside of monitored business networks, the risks of compromising company and personal data are increased. Concentration is...

 Read Full Article
What Can The FM Sector Learn From The ISS Malware Attack?

After breaking the news of the ISS World malware crisis, ThisWeekinFM speaks to the industry experts, to identify how FM companies can better manage cybercrime...

 Read Full Article
More Global FM Firms Hit By Cyber Attacks

EMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks.  The website of EMCOR Group, the global providers of facility...

 Read Full Article
Who Is The Weakest Link?

According to Sophos, 70% of internet users have the same password for almost all the web services they use - and there are groups of businesses and individuals who are...

 Read Full Article
Ransomware - the Protection Racket

ThisWeekinFM has been making a racket about Cyber Security because vulnerabilities are exploited at a personnel and personal level - where FM's should have some...

 Read Full Article
Devices with Potential for Vices

A study partly funded by Google and conducted by University of Cambridge researchers has found that 87% percent of Android devices are vulnerable to known...

 Read Full Article