The CPAs Guide to Protecting a Firm From Ransomware, Phishing, Social Engineering, and More
The finance industry—including accounting firms, bookkeeping companies, and other agencies—remains the top target, along with the healthcare industry, of cybercriminals who use a variety of malicious software and programs to gain access to computer networks, causing damage and crippling operations. Common information technology (IT) malware currently used by threat actors includes viruses, ransomware, worms, spyware, and rootkits.
What malware threats are facing CPAs and other financial firms?
So far in 2019, ransomware attacks—which take control of a computer or select data and virtually ‘hold it hostage’ until the company pays the required ransom—have declined in volume but increased in sophistication. In the latter part of 2017 and all through 2018, established criminal groups well-known for ransomware, such as TorrentLocker and Cerber, faded from the cybersecurity landscape. Those that remain, however, have been producing more samples with greater variants that can help the infection slip past antivirus products being used by CPAs and other firms. As a large, developed market, the United States is still heavily targeted by both PC and mobile ransomware attacks.
Unfortunately, even as ransomware is on the decline, social engineering attacks including spear phishing and social media emulation, and cryptocurrency mining has skyrocketed this year. The volume of email fraud that organizations receive has increased 87 percent year-over-year. Meanwhile, crypto mining infections also increased 44.5 percent in a 12-month period in 2017-18 compared to statistics from the same period in 2016-17.
The healthcare industry and the finance industry remain the top targets of malware delivery by malicious actors. Institutions within these industries are in desperate need to solve data breaches and other issues quickly because of critical patient needs or simply to remain operational, making them particularly susceptible to the risk of ransomware and other cyber-attacks. Malware can be severely crippling to a CPA or other financial firm of any size.
What does an attack look like?
Depending on the type of malware used, the delivery and detriment of a cyber attack can vary. For example, rootkits can conceal themselves after being installed and then execute files and make alterations to a system while spyware covertly tracks and/or collects sensitive data. Forbes magazine explains in an article addressing why malware is still one of the biggest threats facing businesses. The increasing use of emails, e-commerce, and the Internet, in general, has given rise to new methods of delivery by threat actors, as well as how swiftly malware spreads. The damage done to CPAs and other financial institutions can range from sending malicious emails or traffic under their name or stealing sensitive information to altering and deleting files or simply taking control of an entire system and its software.
How can businesses protect themselves?
Whether they like it or not, agencies and companies should assume occasions will arise when their staff or other users accidentally or unknowingly click on malware, making it incredibly important to have security systems as a backup to stop hacking attempts. Malware detection and prevention requires a multi-step approach, as no one solution or antivirus program can be entirely effective for an organization with an integrated IT system.
Companies that provide managed IT services, such as Veltec Networks, are well-versed in the variety of technical solutions organizations can use to protect themselves against attacks.
How does this help CPAs?
Specialized IT firms are trained to provide the best technical solutions to help firms operate effectively and protect the practice from outside attacks. Accounting firms and CPAs rely on technology throughout their entire operation, burdening them with unique technology needs. Additionally, industry compliance and regulatory standards—such as those imposed by the Gramm-Leach-Bliley or Financial Modernization Act—require financial firms to maintain extensive checks and measures, with technology impacting almost every level of mandated requirements.
Veltec provides effective ransomware protection for CPA firms, including their accountants and support staff. We have expertise in a number of software solutions and hosted applications used by CPAs and accounting firms, including Microsoft Dynamics, Sage Peachtree, Sage Timberline, Intuit QuickBooks, Freshbooks, and most other accounting software and end-user solutions.
By outsourcing IT management to Veltec, CPAs of all sizes can rest assured their sensitive data is being actively protected. Veltec’s specialists are well-versed in overseeing numerous services, such as password policies, data encryption, mobile device management and security, secure Wi-Fi access for staff and guests, and offsite backup in a secure, encrypted data center. Not only does Veltec understand ransomware protection for CPA firms in general, but we collaborate with individual clients to understand their specific needs and find the right software and hardware solutions for them. To learn more about Veltec’s expert computer support and technology consulting, contact us online or by phone or email.