ABACUSNEXT WHITE PAPER
WHY ACCOUNTING FIRMS ARE A PRIME TARGET FOR RANSOMWARE HACKS:
Learning from Netflix, WannaCry, and Ashley Madison
The word ransomware has been popping up in the news with increasing frequency these days. That’s because this type of cybercrime is growing in both frequency and size, with 2017 predicted to be the worst year to date.

Over the past decade, several big-name companies have been in the news for major cybersecurity breaches and ransomware attacks—Target, Ashley Madison, Netflix, Yahoo, LinkedIn, etc. However, it isn’t just major corporations that need to take precautions. Smaller companies, especially accounting firms, are prime targets for ransomware attacks. Here’s what your accounting firm needs to know.

How Does Ransomware Work?
What is ransomware, and how does it work? Ransomware is a specific kind of malware that infects a device (e.g., a computer, smartphone, or server) and gives hackers access to all the files on that device. The ways that hackers get ransomware onto devices are constantly changing, which is part of what makes these attacks so dangerous.

Sometimes victims click on a dubious link in an email that activates the ransomware, or victims unknowingly download a file containing ransomware. Other times, the hackers gain access to a device through a back door without the victim needing to do anything at all.

Once a device is infected, the ransomware is deployed, and hackers are able to encrypt or steal files. They hold those files hostage, or threaten to release the stolen information, unless the victim meets a demand. Frequently, hackers demand payment (usually in Bitcoin or some other untraceable currency). Other times, hackers ask the victim to comply with a directive.

Ransomware attacks are often able to net millions of dollars before they are shut down. And every time a ransomware attack is stopped, the hackers immediately begin searching for new vulnerabilities, weak links, and loopholes to exploit. So it’s an endless cycle.

The Specific Vulnerabilities of Accounting Firms
Increasingly, ransomware attacks are targeting businesses. Hackers who are looking to make money with ransomware may believe businesses have deeper pockets, and therefore may be more willing to pay up. But make no mistake; it isn’t just major corporations that are being targeted. All kinds of companies are falling victim to ransomware attacks, and there are several reasons why accounting firms are prime targets:
1. Sensitive Data: Accounting firms frequently work with highly sensitive client information: social security numbers, banking information, tax documents, passwords. This kind of information is lucrative for cybercriminals who can sell it on the dark web for top dollar. However, hackers don’t necessarily have to find a buyer on the dark web to make money. Thanks to ransomware, all they have to do is hold your firm’s information hostage, or threaten to sell it, until they get some form of payment.

2. Numerous Access Points: Unlike some other businesses, almost every employee in an accounting firm needs direct access to clients’ sensitive information and files. That means employees at all levels—from partners to clerical staff—could be targets for ransomware attacks. (Just think about how many entry points hackers might have into your firm’s system.) All it takes is one breached account, one downloaded file, or one click to paralyze your entire company.

3. An Inundation of New Technology: The world of accounting technology is exploding. The industry has been flooded with new accounting apps and products at an astonishing rate. At the same time, firms are rapidly adopting cloud-based systems and technology. This pace of innovation is great for the industry, but it’s also great for cybercriminals. Every new product and new integration provides a new opportunity for hackers. And many accounting firms are adopting new technology without the proper security in place.
Despite the risks, there are several steps that accounting
firms can take to protect themselves. In the next section,
we look at three major ransomware attacks—Netflix,
WannaCry, and Ashley Madison—and determine what
accounting firms can learn from each attack.
888.994.8615
Case Study 1: “The Netflix Hack”
What Happened?
You may have heard about the Netflix hack back in April of 2017. Hackers were able to access all the episodes for an unreleased season of “Orange Is the New Black.” When Netflix failed to meet the hackers’ demands, the entire season was posted online. The hackers also claimed to have material from several other television networks in addition to Netflix. However, other networks have not corroborated that claim.
After the Netflix ransomware attack, investigators found
that a third-party vendor, a small production company,
was the weak link that allowed hackers to access the
Netflix files. Because the production company had access to all the Netflix files, and also had weaker security,
hackers were able to steal the files without breaching
Netflix itself. Security experts had long warned that this
third-party vendor put the larger companies at risk, yet
the companies had not put the proper security protocols
in place in response.
What Can We Learn?
Even if your firm has stringent security measures in
place, a third-party vendor may be your Achilles heel.
It is important for accounting firms to have security
solutions that look at the firm’s entire web of programs,
apps, vendors, etc. If a firm does not secure every point
of integration, and every data sync, third-party vendors
could pose a risk.
As an accounting firm grows, it naturally builds partnerships with outside companies and vendors to handle
different aspects of the accounting process. However,
outsourcing is only a good long-term investment if your
firm has also invested in a robust security system to
protect your data from end to end.
Case Study 2: “The Ashley Madison Data Leak”
What Happened?
Avid Life Media saw an enormous security breach in 2015
when their infamous infidelity website, Ashley Madison,
was the subject of a ransomware attack. A group of hackers
calling themselves “The Impact Team” took issue with Avid
Life Media’s business practices and mission.
The hackers deployed ransomware that was able to collect
personal information from the site’s 32 million members
(including users’ personal information, account preferences, and credit card numbers). The hackers then threatened
to release all the sensitive information unless the company
shut down Ashley Madison and its partner website.
The saga did not end well for Avid Life Media. They
refused to comply with the hackers’ demands, and as a
result, the hackers posted all the stolen information online
in a searchable, public database.
After the hack, investigators determined that the hackers were able to access users’ data despite the fact that the company used rather sophisticated data-encryption techniques. Another surprise: the hackers were able to release information that Avid Life Media claimed had been permanently deleted. In fact, the company had even charged users a fee to supposedly delete this data.
What Can We Learn?
While it’s unlikely that accounting firms will be the victims of moral hacks by vigilante groups, they still need to
recognize that they are working with highly sensitive client
data—data that, in the wrong hands, could be damaging.
Imagine the potential fallout from a leaked tax return document or financial report. Accounting firms simply cannot
afford the risk.
Second, remember that deleting data from a single device does not mean it cannot be retrieved later. Oftentimes, a copy of that deleted information is stored somewhere. So even if you think something is gone, it has probably left a digital footprint somewhere. The right IT security company can tell you where that data lives and who can still see it.
Case Study 3: “The WannaCry Ransomware Attack”
What Happened?
Last month, the ransomware known as WannaCry crippled businesses in several countries. WannaCry froze users’ computers, encrypted their files, and demanded payment before returning the files. In many cases, victims paid the hackers because the amount they demanded was relatively small. Before this ransomware attack was stopped, it had already affected hospitals, transportation systems, and even FedEx.

Investigators determined that the WannaCry attack functioned a lot like a phishing scam—users clicked on links or opened emails that looked legitimate. This gave hackers access to all the computer’s files. Investigators also discovered that WannaCry exploited a vulnerability in Microsoft operating systems that had been discovered by the NSA and leaked to the public. Prior to the start of the attack, Microsoft had already sent out an update to fix the problem. However, many victims were running outdated versions of Windows, or had not installed the update.

What Can We Learn?
This hack shows that ransomware attacks are indeed targeting businesses. Firms cannot assume their size, location, client base, or any other company attribute makes them immune to cybercrime. The only thing that will protect a company is comprehensive, strategic IT security.

This ransomware attack also illuminates the importance of training your staff on cybersecurity, especially those who work with sensitive client data. Firms should also have a system in place to notify staff immediately if security concerns arise. However, the best solution is to have a team of IT security professionals who are monitoring your firm’s system and dealing with issues before they reach your staff. Doesn’t your staff have enough to worry about already?

Finally, WannaCry is a reminder that firms need to keep their IT up to date. Some companies don’t invest in system upgrades or IT security measures because it saves money in the short term. However, that decision opens the company up to immeasurable risk.
Protect Your Firm With AbacusNext
These three case studies are just the tip of the iceberg. Luckily, there are IT security solutions that move the burden of security off of your internal team and into the hands of cybersecurity experts. Investing in a robust IT security system means your firm won’t need to understand all the ins and outs of ransomware attacks and other cyber-threats. Instead, you can rely on industry experts to keep your firm secure.

Unlock the Power of the Cloud Without Compromising Security
Want to leverage cloud-based technology while maintaining the highest security standards? Now you can. Abacus Private Cloud moves all your firm’s programs, applications, data, and files into a secure, virtual workspace.

That virtual workspace can then be accessed by your employees—anywhere, anytime, and from any device. That means your data is safe, whether your employees are sending emails from home or logging onto QuickBooks from a mobile phone. The Private Cloud also allows employees to safely use their personal devices for company business, giving everyone more flexibility without compromising security.

Protect Your Data
Unlike public cloud or SaaS products (which are hosted online and store your data on third-party servers), Abacus’s Private Cloud creates a private server for your firm that is not shared with any other company. This allows you to retain control of your data, and ensures your firm can comply with industry security regulations.

The Abacus Private Cloud is also SOC2-compliant and uses a multi-tiered approach with five layers of security (physical, network, and data) to provide a robust and safe environment for all your firm’s data. Other protections include 256-bit AES data encryption, a Digitus Biometric locking system, and 24/7 monitoring at our server sites. Furthermore, Abacus also uses redundant data centers to ensure your data is never lost or wiped out.

Reduce In-House IT Costs
Partnering with Abacus can remove internal IT burdens by transferring the management of your security to the Abacus team. Abacus Private Cloud frees your team from having to deal with tedious and confusing IT tasks, allowing you to focus all your energy on your clients. Private Cloud can also have enormous financial benefits. Abacus customers save an average of $3,966 annually when they move to the Private Cloud.

Best of all, Abacus easily scales up or down so you can get the IT support that matches the size of your business. If your business grows, your IT security can grow with you. Learn more about Abacus Private Cloud on our website, www.abacusnext.com.
Abacus Private Cloud is a trademark of Abacus Data Systems,
Inc. Other products or services may be trademarks or registered
trademarks of their respective companies.
© 2017 Abacus Data Systems, Inc. All rights reserved. 062117_CC