Capita confirms cyber attack: UPDATE

UK-based outsourcing giant, Capita, suffered an IT outage on Friday which prevented staff from accessing the system. 

Employees at the firm were reportedly instructed “not to attempt access via VPN or submit password recovery requests” during the outage, which became apparent at around 7am.  

A spokesperson for Capita said on Friday morning: “We are aware of a technical issue with our systems which we are investigating.” They added it was “too early to say” whether the issue was the result of a hack. According to The Times, the outage is believed to have hit “every division” of the firm.

On Monday morning, the Capita confirmed that the incident was the result of a “cyber incident,” which “caused disruption to some services provided to individual clients, though the majority of our client services remained in operation.”

The firm did not name which customers had been affected, but it has contracts with several essential government-run services, including the NHS, Thames Water and Southern Water. It also provides services to the BBC, Transport for London, O2, BMW and many other companies. Capita Group is also involved with Royal Navy training centres and provides security at Ministry of Defence bases. 

Third-party risk: SolarWinds

The now-infamous SolarWinds cyber attack in the US in 2020 demonstrated the potential reach of third-party risk or supply-chain risk as a result of large global companies being hacked. It was one of the biggest cyber attacks of the 21st century and was significant because SolarWinds supplies online system management tools for hundreds of thousands of companies around the globe.

Hackers gained access to the SolarWinds network and planted malicious code (now known as “Sunburst”) into its Orion network management system. More than 30,000 organisations were using SolarWinds’ Orion product to manage their networks at the time, including several US Government agencies. The hidden malicious code planted by hackers meant that when users were sent a routine Orion software update, they were unknowingly installing the malware into their own systems. More than 18,000 SolarWinds users are understood to have installed the malicious updates. This included large, global tech firms such as Microsoft and Intel and cyber security firms such as FireEye – which was the first company to detect the hack.

Government departments are particularly vulnerable to third-party cyber risk because of the extent to which they outsource services and the sensitive nature of those services. Capita currently provides disability payment assessments for the UK’s Department for Work and Pensions, handles recruitment for the British Army, electronic tagging for UK prisons/probation services and runs fire and rescue operations for the Ministry of Defence. 

Capita shares fell 4.19% on Friday after news of the outage broke but were up 1.18% on Monday morning.