The finance industry—including accounting firms, bookkeeping companies, and other agencies—remains the top target, along with the healthcare industry, of cybercriminals who use a variety of malicious software and programs to gain access to computer networks, causing damage and crippling operations. Common information technology (IT) malware currently used by threat actors includes viruses, ransomware, worms, spyware, and rootkits.
What malware threats are facing CPAs and other financial firms?
So far in 2018, ransomware attacks—which take control of a computer or select data and virtually ‘hold it hostage’ until the company pays the required ransom—has declined in volume but increased in sophistication. In the latter part of 2017 and beginning of 2018, established criminal groups well-known for ransomware, such as TorrentLocker and Cerber, faded from the cybersecurity landscape. Those that remain, however, have been producing more samples with greater variants that can help the infection slip past antivirus products being used by CPAs and other firms. As a large, developed market, the United States is still heavily targeted by both PC and mobile ransomware attacks.
Unfortunately, even as ransomware is on the decline, social engineering attacks, including spear phishing and social media emulation, and cryptocurrency mining has skyrocketed this year. The volume of email fraud that organizations receive has increased 87 percent year-over-year. Meanwhile, crypto mining infections also increased 44.5 percent in a 12-month period in 2017-18 compared to statistics from the same period in 2016-17.
The healthcare industry and the finance industry remain the top targets of malware delivery by malicious actors. Institutions within these industries are in desperate need to solve data breaches and other issues quickly because of critical patient needs or simply to remain operational, making them particularly susceptible to the risk of ransomware and other cyber-attacks. Malware can be severely crippling to a CPA or other financial firm of any size.
What does an attack look like?
Depending on the type of malware used, the delivery and detriment of a cyber-attack can vary. For example, rootkits can conceal themselves after being installed and then execute files and make alterations to a system while spyware covertly tracks and/or collects sensitive data, Forbes magazine explains in an article about why malware is still one of the biggest threats facing businesses. The increasing use of emails, e-commerce, and the Internet, in general, has given rise to new methods of delivery by threat actors, as well as how swiftly malware spreads. The damage done to CPAs and other financial institutions can range from sending malicious emails or traffic under their name or stealing sensitive information to altering and deleting files or simply taking control of an entire system and its software.
How can businesses protect themselves?
Whether they like it or not, agencies and companies should assume occasions will arise when their staff or other users accidentally or unknowingly click on malware, making is incredibly important to have security systems as a backup to stop hacking attempts. Malware detection and prevention requires a multi-step approach, as no one solution or antivirus program can be entirely effective for an organization with an integrated IT system.
Companies that provide managed IT services, such as SymTec, are well-versed in the variety of technical solutions organizations can use to protect themselves against attacks. SymTec, which assists accounting firms and other businesses across the western part of the United States, recently worked with a client whose network had been attacked by a massive and invasive malware infection that was mobilized through a social engineering phishing scam.
SymTec’s team of experienced IT professionals quickly and effectively identified and responded to the threat. They swiftly removed the client’s systems offline for two days in order to complete a comprehensive threat assessment and deploy containment strategies. As a best practice, SymTec collaborated with its client to ensure that they quickly contained the infectious malware and prevented extensive impact on the business’ infrastructure, productivity, and revenue.
How does this help CPAs?
Specialized IT firms are trained to provide the best technical solutions to help firms operate effectively and protect the practice from outside attacks. Accounting firms and CPAs rely on technology throughout their entire operation, burdening them with unique technology needs. Additionally, industry compliance and regulatory standards—such as those imposed by the Gramm-Leach-Bliley or Financial Modernization Act—require financial firms to maintain extensive checks and measures, with technology impacting almost every level of mandated requirements.
SymTec provides effective ransomware protection for CPA firms, including their accountants and support staff, across Utah, Idaho and other Western states. The company has expertise on a number of software solutions and hosted applications used by CPAs and accounting firms, including Microsoft Dynamics, Sage Peachtree, Sage Timberline, Intuit QuickBooks, Freshbooks, and most other accounting software and end-user solutions.
By outsourcing IT management to SymTec, CPAs of all sizes can rest assured their sensitive data is being actively protected. SymTec’s specialists are well-versed in overseeing numerous services, such as password policies; data encryption; mobile device management and security; secure Wi-Fi access for staff and guests; and offsite backup in a secure, encrypted data center. Not only does SymTec understand ransomware protection for CPA firms in general, but the company collaborates with individual clients to understand their specific needs and find the right software and hardware solutions for them. To learn more about SymTec’s expert computer support and technology consulting, contact them online or by phone or email.