Malware & Accounting Firms: Why Criminals are Eagle-Eyeing This Industry
This article first appeared on www.sleeter.com.
Money—it’s what keeps businesses going, it’s what you as CPAs and accounting professionals are focused on, and it’s what cybercriminals are after.
Many people think that cybercriminals just target large, multi-million dollar businesses, but this isn’t the case. As large corporations have begun investing in expensive cybersecurity technology, cybercriminals have turned their attention to those business owners who have access to sensitive and valuable data but may not have the resources or security know-how to adequately protect themselves and their clients. And accountants and CPAs with direct access to their clients’ confidential data top the list of easy targets. Moreover, according to Deloitte, “It is clear that the growth in cybercrime has continued, if not accelerated, in the financial services industry.”
Here we present the motivations of the attackers and some steps that those in the accounting industry can take to better protect themselves and their clients.
What Is the Motivation Behind Malware Attacks on Accounting Firms?
Cybercriminals have two distinct motivations:
1) They want your money.
Those motivated by money usually take whatever cash they can reach and move on. A more opportunistic variation is ransomware: the attacker encrypts your files or locks your systems, halting business operations until a ransom is paid, and paying offers no guarantee that you get your data back.
2) They want your information.
The second motivation is your company's credentials, sensitive information, and financial and customer data. These attackers want to get into your systems and stay there, so they make as little noise as possible. Once they have collected the data, they sell it to your competitors or on the Dark Web.
My point isn’t to scare you, but to educate. If you don’t know what you’re up against, there’s no way to protect yourself. Here are three sets of actions that go a long way toward protecting your customers’ data and your business.
1) Employ Best Security Practices
There are several tools and practices that are affordable, widely available, and easy to deploy, and that provide baseline protection against common threats. Treat them as the cost of entry for running Internet-connected systems.
- Keep off-site backups that an attacker on your network cannot reach, and regularly practice restoring from them; a backup you have never restored is not a backup.
- Install an antivirus solution and schedule automatic signature updates.
- Require multi-factor authentication for employee access to e-mail, systems, and applications.
- Ensure that your mail service provides spam and phishing defenses.
- Install an automated malware protection tool that watches for ransomware behavior, not just known signatures.
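The first item is the one most firms get wrong: backups are taken but never restored. As an added example (not code from the original article), the following Python script runs a backup-and-restore drill: it archives a directory, records a SHA-256 manifest beside the archive, restores into a scratch directory, and compares every restored file against the manifest. It also refuses archive members with absolute or `..` paths, so a tampered archive cannot write outside the restore directory. The sample client files and directory names are constructed for the demonstration.

```python
"""Backup-and-restore drill with integrity verification.
Added example, not from the original article; sample data is constructed."""
import hashlib
import json
import tarfile
import tempfile
from pathlib import Path

CHUNK = 64 * 1024


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files are not loaded into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root, POSIX style) to its SHA-256."""
    return {p.relative_to(root).as_posix(): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def manifest_path(archive: Path) -> Path:
    """The manifest lives next to the archive, e.g. clients.tar.gz.manifest.json."""
    return archive.with_name(archive.name + ".manifest.json")


def make_backup(source: Path, archive: Path) -> dict:
    """Write a gzip tarball of `source` and a manifest of what went into it."""
    manifest = build_manifest(source)
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(source / rel, arcname=rel)
    manifest_path(archive).write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return manifest


def safe_members(tar: tarfile.TarFile):
    """Reject absolute paths and '..' components: a tampered archive must not
    be able to write outside the restore directory."""
    for m in tar.getmembers():
        if Path(m.name).is_absolute() or ".." in Path(m.name).parts:
            raise ValueError(f"refusing unsafe archive member: {m.name}")
        yield m


def verify_restore(dest: Path, expected: dict) -> dict:
    """Compare the files under `dest` with the manifest; 'ok' is True only
    when nothing is missing or altered."""
    actual = build_manifest(dest)
    missing = sorted(set(expected) - set(actual))
    corrupt = sorted(k for k in expected if k in actual and actual[k] != expected[k])
    unexpected = sorted(set(actual) - set(expected))
    return {"ok": not (missing or corrupt), "checked": len(expected),
            "missing": missing, "corrupt": corrupt, "unexpected": unexpected}


def restore_and_verify(archive: Path, dest: Path) -> dict:
    """Extract the archive into `dest`, then verify it against the manifest."""
    expected = json.loads(manifest_path(archive).read_text())
    with tarfile.open(archive, "r:gz") as tar:
        tar.extractall(dest, members=list(safe_members(tar)))
    return verify_restore(dest, expected)


def run_drill() -> tuple:
    """End-to-end drill on constructed data: back up, restore, verify, then
    alter one restored file and confirm the verification catches it."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        source = tmp / "clients"                      # constructed sample data
        (source / "acme").mkdir(parents=True)
        (source / "acme" / "ledger-2023.csv").write_text("date,amount\n2023-01-05,1200.00\n")
        (source / "notes.txt").write_text("quarterly filing checklist\n")

        archive = tmp / "offsite" / "clients.tar.gz"  # stands in for off-site storage
        archive.parent.mkdir()
        make_backup(source, archive)

        restore_dir = tmp / "restore-test"
        clean = restore_and_verify(archive, restore_dir)

        # Simulate bit-rot or tampering on the restored copy.
        (restore_dir / "notes.txt").write_text("quarterly filing checklist (altered)\n")
        expected = json.loads(manifest_path(archive).read_text())
        tampered = verify_restore(restore_dir, expected)
        return clean, tampered


if __name__ == "__main__":
    clean_report, tampered_report = run_drill()
    print("clean restore:", clean_report)
    print("after tampering:", tampered_report)
```

Run the drill on a schedule against a real archive copied back from the off-site location, not against the local copy; the point is to prove that the backup you would actually use in a ransomware incident restores completely.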
2) Put an Incident Response Plan in Place
As many security pros say, "It's no longer if you'll be breached, but when." Decide in advance how you will respond, rather than improvising after the fact. Work with your colleagues, Managed Service Providers (MSPs), and IT advisors to agree on who does what once an attack is discovered: who isolates affected systems, who restores from backup, and who notifies clients. Discuss the legal obligations that follow an attack with a lawyer. And talk with your agent about cybersecurity insurance and how it can lessen the financial burden of an incident.
3) Educate Your Employees with Security Awareness Training
Employee education goes a long way toward creating a culture in which everyone is a stakeholder in protecting the business. Teach employees the common motivations and tactics of attackers, and empower them to make decisions around security, including reporting a suspicious message before acting on it. Get your people talking to one another about the phishing emails they receive. Form that "human shield" to protect your business.
With planning and solid execution, you and your staff can stay safe online. In the next installment, we’ll dive deeper into examples of successful attacks against the financial services industry, followed up with more details on how to protect yourself and your staff online.