Increasing Cyber Attacks On Accounting Firms

The July 15 tax filing deadline is finally behind you. Now is the perfect time to address the growing number of cyberattacks still taking place in the accounting industry.

Many accounting practices are reporting that IT vendors and employers rushed to provide access for remote employees without fully understanding how to properly implement and secure it. This has resulted in an increased number of cyberattacks on accounting practices of all sizes. With the increase in the remote workforce and the ongoing COVID pandemic, there has been a 300 percent increase in cyberattacks.

As hackers continue to get more sophisticated with their tactics to obtain critical data from CPA firms, the process of accessing a network, destroying backups and encrypting data is becoming increasingly common. In addition to the standard ransomware attack, cybercriminals are now threatening to post data that they have stolen from the practice if it refuses to pay their ransom demands. Most threat actors have shifted to this modality as a way of almost guaranteeing that a business will pay the ransom to get its data back.

After breaching the practice’s network, the threat actors typically conduct surveillance to understand the types of applications running and the location of data and backups. They will often deploy credential harvesting software to steal usernames and passwords from devices and applications and use the information to further exploit the system. 

While conducting surveillance, hackers will attempt to move laterally through the network to gain access to additional devices. There have been numerous cases in which the threat actors deploy multiple screen-sharing applications on a network to easily gain remote access in the event the IT department tries to lock them out.

In light of these alarming trends, it is imperative for accounting practices to prioritize cyber security. The first step is implementing strong and reliable security measures. This involves developing a comprehensive cyber security plan that includes regular security awareness training for all employees, mandatory use of strong, unique passwords, and two-factor authentication. All systems and software should be kept up to date to minimize the risk of breaches through known vulnerabilities.

Additionally, businesses should invest in advanced security solutions. This includes anti-malware software, intrusion detection systems, and firewalls. They should also hire or consult with cyber security professionals who can conduct regular security audits and vulnerability assessments.

Another important step is to establish a robust data backup and recovery plan. Regularly backing up critical data ensures that, in the event of a ransomware attack, businesses can restore their systems without paying the ransom. These backups should be stored off-site or in a secure cloud environment, and tested regularly to ensure they can be restored if needed.

Moreover, accounting practices should understand the importance of cyber insurance. This type of insurance can help cover the costs associated with a cyberattack, including loss of business, ransom payments, and legal fees.

Finally, the importance of incident response planning cannot be overemphasized. Having a well-thought-out plan in place can significantly reduce the impact of a cyberattack. This includes identifying key personnel who will be part of the response team, defining their roles and responsibilities, and conducting regular drills to make sure everyone knows what to do in case of an attack.

Growing cyber threats require proactive measures. It’s high time for accounting firms to take cyber security seriously, not only to protect their clients’ sensitive information but also to safeguard the future of their businesses. Being prepared can make all the difference when it comes to combating cyber threats.
