7月15日的报税截止日期终于过去了. Now is the perfect time to address the growing number of cyberattacks still taking place in the accounting industry.

Many accounting practices are reporting that IT vendors and employers rushed to provide access for remote employees without fully understanding how to properly implement and secure it. This has resulted in an increased number of cyberattacks on accounting practices of all sizes. 随着远程劳动力的增加和持续的COVID大流行, 网络攻击增加了300%.

As hackers continue to get more sophisticated with their tactics to obtain critical data from CPA firms, 访问网络的过程, 销毁备份和加密数据正变得越来越普遍. 除了标准的勒索软件攻击, cybercriminals are now threatening to post data that they have stolen from the practice if you refuse to pay their ransom demands. Most threat actors have shifted to this modality as a way of almost guaranteeing that a business will pay the ransom to get its data back.

在破坏了诊所的网络之后, the threat actors typically conduct surveillance to understand the types of applications running and the location of data and backups. They will often deploy credential harvesting software to steal usernames and passwords from devices and applications and use the information to further exploit the system.

同时进行监测, hackers will attempt to move laterally through the network to gain access to additional devices. There have been numerous cases in which the threat actors deploy multiple screen-sharing applications on a network to easily gain remote access in the event the IT department tries to lock them out.


来源: 今天会计