Be on High Alert for Ransomware Attacks

Kirsch CPA Group

Nov 12, 2020

The FBI has warned of a staggering increase in ransomware attacks against businesses since the start of the COVID-19 pandemic. Here’s what business owners and managers should know about these attacks to help prevent them — and manage an attack if preventive measures fall short.

 

Cybercrime Crisis

Cybercrime reports to the FBI have quadrupled in 2020. The FBI Internet Crime Complaint Center currently logs in between 3,000 and 4,000 calls a day. Ransomware attacks, in particular, have increased by seven-fold since 2019, and the estimated global cost of ransomware attacks for 2020 is $20 billion, according to cybersecurity firm Bitdefender. This is from a recent report from insurance provider Beazley:

In 2020, we have seen significant changes to the cyber risk landscape. Ransomware has grown in frequency and severity, and extortion demands have risen. The threat of data exfiltration and consequent release of confidential information has increased, and the resulting business interruption of all these events has become a regular occurrence.

The average ransom payment grew to $178,254 in the second quarter of 2020, up 60% from the first quarter of 2020, according to the Q2 2020 Ransomware Report published by ransomware consulting firm Coveware. And the percentage of ransomware incidents where data had been “exfiltrated” — meaning it’s withdrawn from the victim-organization’s network — grew from 7.8% in the first quarter of 2020 to 22% in the second quarter of the year.

No one is immune: Ransomware attacks have been launched against large and small organizations, including public and private businesses, educational facilities, health care providers, government agencies and non-profit entities.

Important: On October 28, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Department of Health and Human Services (HHS) issued a joint cybersecurity advisory. It describes the tactics, techniques and procedures that cybercriminals are currently using against hospitals and health care providers to infect systems with encryption ransomware, notably Ryuk and Conti. The alert recommends specific measures for hospitals and other health care entities to consider to prevent such attacks.

 

Anatomy of Ransomware Attacks

Ransomware is malware designed to prevent access to a computer system or files until the user meets the perpetrator’s payment demands. It’s as if your entire computer network is being held for ransom — and neither your employees nor your customers can access the data.

Back in the 1980s, when ransomware was introduced, attacks typically targeted individuals, and payment was made through the regular U.S. mail. Today, high-tech crooks usually go after deeper pockets and often require the ransom to be paid with credit cards or cryptocurrency, such as Bitcoin.

It doesn’t take much to be infected. Typically, the malware takes root when a malicious email is sent to an employee of a company and may utilize phishing or spear phishing techniques. The malware may be embedded in attached Word files or PDFs, or the email might contain a link to a website that will install the malware on the user’s computer and, from there, infiltrate the network.

Why would anyone open an unsolicited email and then open an attachment or click a link? Looks can be deceiving. Frequently, the email appears to come from a legitimate business partner or from a friend or relative. In other cases, perpetrators pose as law enforcement officials or representatives of agencies, such as the FBI, IRS or Department of Labor, to scare victims into paying up. (See “Three Types of Ransomware,” at right.)

Another threat is the use of “malvertising,” malicious advertising that hooks recipients with little or no interaction on their part. For example, if you’re simply browsing the web and come across malvertising, it can infect your computer, even if you don’t click on the ad. This may deliver the ransomware directly or be used to launch an attack against a targeted user.

Once a user’s device has been compromised, the perpetrator has a foothold in your entire IT environment. Before your IT department detects the breach, the hacker is free to explore your network for vulnerable systems and sensitive data and encrypt data indiscriminately. Then the hacker can demand a ransom for the decryption key needed to restore your access to the network.

 

Preventive Measures

Ransomware is a growing threat, especially as more people are working, learning and interacting with organizations remotely during the COVID-19 pandemic. It’s important for your organization to take steps to protect your networks from these attacks. Generally, this requires people who access your network to identify ransomware before it infects their computer.

Consider implementing the following best practices:

Train users to recognize red flags. Employees and other users who access your network should understand how ransomware attacks happen and why it’s smart to exercise caution when opening unsolicited emails and searching the Internet. For example, before clicking on a link or opening a file, they should be trained to verify the sender’s email address.

Require your staff to participate in regular cybersecurity awareness training sessions. Consider testing methods that simulate actual ransomware attacks to help improve awareness and test whether your training program is effective.

Install the latest IT security products. Take advantage of the advanced technology at your disposal. Examples include antivirus software, firewalls and email filters designed to keep outsiders at bay.

Stay current on updates. Ensure that all operating systems and applications are updated on users’ computers. If not, secure the latest patches from verifiable sources. Criminals launching ransomware attacks are known to prey on those with vulnerable systems and applications.

Back up files. Perform frequent backups of your system and other important files. If a computer becomes infected with ransomware, you can restore your system to its previous state using backups — as long as you catch the attack before the perpetrator has a chance to encrypt the data. Store backups in a device that’s separate from the network, like an external hard drive or in the Cloud.

 

Insurance Protection

Many organizations also buy cyber liability and breach response insurance to fortify their defenses against losses from breaches and ransomware attacks. Professional and general business liability insurance policies generally don’t cover losses related to a hacking incident. Cyber liability insurance can cover a variety of risks, depending on the scope of the policy. It typically protects against liability or losses that come from unauthorized access to your company’s electronic data and software.

Instead of purchasing a standalone cyber liability policy, you can add a cyber liability endorsement to your errors and omissions policy. Not surprisingly, the coverage through the endorsement isn’t as extensive as the coverage in a standalone policy.

Business owners and managers should carefully read their policies to understand what types of incidents are specifically excluded from coverage. And, remember, no type of cyber liability insurance is a suitable replacement for sound cybersecurity policies and procedures. Other well-resourced preventive measures can also reduce your premiums for cyber insurance.

 

Proactive Response

Unfortunately, preventive measures aren’t foolproof. If your organization falls victim to a ransomware attack, what should you do?

You may be tempted to pay the ransom immediately, hoping the threat will go away quickly and with minimal harm. But paying ransom can be costlier than restoring data from backup files or other means. The average cost to remediate an encryption ransomware attack is $1,448,458 for victims that paid the ransom, compared to only $732,520 for those that didn’t ante up, according to “The State of Ransomware 2020” published by IT security firm Sophos.

Why does paying ransom roughly double the cost of a ransomware attack? First, you must pay the ransom. From there, you must restore the data and get your network back up and running after an attack. Plus, there’s no guarantee that your data will be fully restored even if you’re able to obtain the decryption key from the perpetrator.

If your organization has insurance coverage against ransomware attacks, your insurer can help guide you through the process of reporting the incident to law enforcement, restoring your systems and communicating the effects to stakeholders. Your financial and legal advisors can be valuable resources, too.

 

Got Questions?

On September 30, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center released a joint Ransomware Guide. It provides best practices in preventing and responding to a ransomware attack.

For more information on how to safeguard against these attacks — or how to respond if your network had been breached — contact Kirsch CPA Group at 513.858.6040.

More Resources

Next Level Accounting Guide

Guide: Next Level Accounting Services for Your Growing Business

Build a Better Business Guide

Guide: Build a Better Business by the Numbers

Business Acquisition to Sale Case Study

Case Study: Strategic Accounting Support from Acquisition to Sale

About The Author

Kirsch CPA Group is a full service CPA and business advisory firm helping businesses and organizations with accounting,…

Read More

Kirsch CPA Next Level Accounting Guide Download the Guide

Sign Up for Email Updates

Tags

Business Advisory (86) Covid-19 (64) Accounting (42) Tax Strategies (31) Tax (30) Construction (29) Not For Profit (28) Manufacturing (26) Small Business (25) Business Planning (25) Kirsch News (21) Grow Your Business (19) Business Taxes (18) Business Strategy (18) Retirement (17) PPP (16) Payroll (15) Tax Planning (14) Business Valuation (14) CARES Act (13) Individual Tax (13) Audit and Assurance Services (13) Fraud (11) Benefit (11) Cash Flow (10) Financial Planning (9) IRS (9) Business (9) Contractors (9) Consolidated Appropriations Act (9) Employee Retention Credit (9) Deduction (9) Human Resources (8) Financial Statements (8) Small Business Tax (7) Tax Break (7) Business Owner (7) Tax Strategy (7) Department of Labor (6) IRA (6) Remote Work (6) Tax Credit (6) Contractor (6) Inflation (6) Tax Breaks (5) Estate Planning (5) Mergers and Acquisitions (5) Technology (5) Risk (5) Law (5) Valuation (5) LLC (4) Estate Plan (4) Overtime (4) Real Estate (4) Deductions (4) Hiring (4) Cost (4) TCJA (4) Tax Cuts and Jobs Act (4) Supply Chain (4) ERC (4) Self-Employed (4) Plan (4) Revenue (4) Depreciation (4) Billing (4) accounting software (4) outsourced accounting services (4) Compensation (3) Partnership Tax (3) Retain Employees (3) HSA (3) Business Intelligence (3) Social Security (3) DOL (3) Sales (3) Self-Employment (3) Outsourcing (3) Protecting Your Business (3) Rental Property (3) Succession Plan (3) WOTC (3) Tax Benefits (3) Charitable Donations (3) Individual Taxes (3) EEOC (3) Work From Home (3) Donation (3) Profit (3) Contingency Plan (3) Gift (3) Family (3) Rental (3) Loss (3) Unemployment (3) CFO (3) Succession (3) Succession Planning (3) Small Businesses (3) Credit (3) Loan (3) Gift Tax (3) Estate Tax (3) QBI (3) Cash (3) Unrelated Business Income Tax (3) Cash Basis (3) Section 179 (3) Ohio Tax (2) S-Corp (2) Research Tax Credits (2) Selling Your Business (2) Best Workplaces in Ohio (2) Buy-Sell Agreement (2) Ohio Taxes (2) Independent Contractor Status (2) Revenue Recognition (2) Home Office (2) Tax Credits (2) Payment (2) Deadline (2) Help for Ohio Business (2) FASB (2) Mid-Year (2) Deductible (2) Taxes (2) Bankruptcy (2) Welcome to the Team (2) Contracts (2) Phising (2) Year-End (2) Join Our Team (2) Tax Free (2) Individual Income Tax (2) Tax Rate (2) Stimulus (2) New Law (2) Loan Changes (2) M&A (2) Strategic Accounting (2) Personal Return (2) The American Rescue Plan Act (2) ARPA (2) Penalties (2) OSHA (2) Insurance (2) Return to Workplace (2) Estate (2) Future (2) Cryptocurrency (2) Expense (2) Property (2) Rent (2) CFO Services (2) Penalty (2) Contract (2) Wages (2) State Tax (2) Savings (2) Value (2) Tax Law (2) Tax Preparation (2) Tax Saving (2) Mileage (2) R&D (2) Chart of Accounts (2) Financial KPIs (2) Buy (2) Sell (2) Qualified Business Income (2) Multistate Taxes (2) Tax Incentive (2) Software (2) Debt (2) Supply (2) Kirsch promotions (2) Tax Benefit (2) Inflation Risks (2) Invoice (2) Financial (2) Inflation Reduction Act (2) CHIPS Act (2) Forecast (2) research credit (2) Expenses (2) Bookkeeper (2) scaling a business (2) accounting partner (2) Non profit (2) Upgrading Accounting Systems (2) Accounting Outsourcing (2) Compensation Plans (1) SEPs (1) Donor Datebase (1) Promoting (1) Monitor Employee Communications (1) Business Expenses (1) Board of Directors (1) Customer Service (1) Motivate Employees (1) S Corporation (1) Record Retention (1) Employer Provided Vehicles (1) Tax Rules for Boats (1) Tax Rules for RVs (1) Home Improvement (1) No-Match Letter (1) Sales Deal (1) Rules of Qualification (1) Customer Loyalty (1) Profits (1) Work for Kirsch (1) Tax Deductible (1) Industry (1) Work Culture (1) Taxpayers (1) Partner (1) Tax Return (1) Competition (1) Tax Refund (1) Security (1) Leadership (1) Medical & Sick Leave (1) Economic Injury Disaster Loan (1) Emergency Financing From the SBA (1) Tax Favored Distributions (1) Roth (1) Traditional Roth (1) Dependent Care (1) DCAP (1) Pivot Strategy (1) Chapter 11 (1) Chapter 7 (1) Epidemic (1) Customers (1) Travel Restrictions (1) Workers Health (1) Legal Claims (1) Deferred Filing Tax Returns (1) HIPAA (1) Business Vehicle (1) Promotions (1) Worker Comp (1) Ohio Bureau of Workers Compensation (1) Homeowners (1) Common Tax Scams (1) Internal Tax Service (1) Hobby (1) Health Plan Administrative Expense (1) Financial Distress (1) Insolvency Exception (1) Home Mortgage Exception (1) Interest Exception (1) Student Loan (1) FSA (1) Improvements (1) Repairs (1) Background Check (1) Fraud Alert (1) Vishing (1) Preventing Attack (1) Home Office Deductions (1) Boost Profits (1) Independent Contractor (1) Ramsonware (1) Health Plan (1) Related Paid Leave (1) Tax Provisions (1) Overtime Pay (1) Buy or Lease (1) Data Breaches (1) Malware (1) Beneficiaries (1) Inheritance (1) Policy (1) Cost Cutting (1) Disaster Relief (1) FAQs (1) Resolutions (1) Schedule C (1) Closing Business (1) High-Deduction (1) Elderly (1) CVD (1) Restaurant (1) Opportunity Zone Investments (1) Bad Debt (1) SafeSend Exchange (1) Owners Compensation (1) Financial Relief (1) Child Labor Law (1) Minimum Wage (1) Record-Keeping (1) Bottom Line (1) Power of Attorney (1) Trader Status (1) Vaccine Scams (1) Child and Dependent Care Credit (1) Go Green (1) Visa (1) International (1) Employee (1) H-2B (1) FEMA (1) Trusts (1) Operations (1) Digital (1) Profit Fade (1) Managing Cost (1) Project (1) Make Money (1) Properties (1) Home (1) Return to Work (1) Federal Labor Policy (1) Labor (1) Labor Law (1) Passive Activity Loss (1) PAL (1) Liability (1) Deduct (1) Cybersecurity (1) Landlord (1) Relief (1) Job Loss (1) Eviction (1) Tenant (1) Economy (1) Development (1) Next (1) Strategic (1) Profitability (1) Financial Health (1) Individuals (1) Individual (1) Reviewed Financials (1) New Development (1) Opportunity (1) Planning (1) Review (1) Payroll Tax Credit (1) Overhead (1) Price (1) Estimate (1) Out-of-Scope (1) Project Planning (1) Productivity (1) Production (1) Lean (1) Output (1) Raw Material (1) Incentive (1) Process (1) Cyber (1) Cyber Attack (1) Financial Penalty (1) OT (1) Ransom (1) Ransomware (1) Hacker (1) Prevent (1) Prevention (1) DHS (1) Department of Homeland Security (1) Processing Payroll (1) Labor Laws (1) SBA (1) Damage (1) Damages (1) Economic (1) Economic Damage (1) NIOSH (1) National Institute for Occupational Safety and Health (1) Safety (1) PPE (1) Saving (1) Strategy (1) Customer Segmentation (1) Save (1) Profitable (1) Client (1) Customer (1) Business Real Estate (1) Commercial (1) Location (1) Office Space (1) Lease (1) Shareholder (1) Independent Investor (1) Tax Season (1) Taxcaddy (1) Tax Filing (1) Tax Documents (1) Inside Public Accounting (1) CPA (1) Lower Taxes (1) Tax Savings (1) Tax Rules (1) Build Back Better Act (1) Proposed Tax Laws (1) Business Insurance (1) Premium (1) Life Insurance (1) Property-Casualty Insurance (1) long term disability (1) long-term care (1) crisis (1) crisis management (1) contingency (1) research and development (1) research (1) confidential (1) confidentiality (1) financial reporting (1) service providers (1) P&L statements (1) fairness opinion (1) fairness opinions (1) M&A Plan (1) money (1) estate and gift tax (1) commission (1) commission fraud (1) salespeople (1) due diligence (1) real estate investment trusts (1) REIT (1) investment (1) trade (1) Specified Service Trade or Business (1) SSTB (1) qualified (1) key person (1) discount (1) tax compliance (1) sales tax (1) single-member (1) multi-member (1) limited (1) General Partners (1) self-employment tax (1) medium business (1) qualified business income deduction (1) depreciation deduction (1) Junior Achievement Business Hall of Fame (1) Asset (1) owner (1) tax liability (1) tax files (1) tax records (1) federal tax (1) records (1) financial records (1) Bills (1) receipts (1) personal tax files (1) sell business (1) organized crime (1) National Federation of Independent Business (1) NFIB (1) Close (1) Close Business (1) debts (1) Small Business Reorganization Act (1) SBRA (1) Home-Based Business (1) kentucky tax law (1) gas (1) fuel (1) suppliers (1) supplier (1) marketplace (1) market (1) online (1) supplies (1) scam (1) product (1) seller (1) Buyer (1) work opportunity tax credit (1) work opportunity (1) Amended Taxes (1) inventory tracking (1) labor cost tracking (1) job costing (1) networking (1) projects (1) Collecting (1) family business (1) equipment (1) purchase (1) combat inflation (1) ESOP (1) Employee Stock Ownership Plans (1) company stock (1) ERISA (1) Employee Retirement Income Security Act of 1974 (1) corporate (1) legislation (1) profitability analysis (1) SALT cap workaround law (1) Borrow (1) lend (1) lending (1) loans (1) loaning (1) Case Study (1) Financial Accounting Standards Board (1) GAAP (1) Generally Accepted Accounting Principles (1) tech (1) legacy gift (1) funding (1) living trust (1) will (1) wealth (1) financial management (1) payroll support (1) rollover (1) inventory (1) disaster (1) interruption insurance (1) Business interruption (1) corporation (1) research expenses (1) income tax liability (1) types of financials (1) SSA (1) Social Security Administration (1) wage base (1) Claim (1) small business owner (1) reduce (1) reduction (1) Research & Development (1) research & development expenses (1) risk management (1) PTE (1) Pass-through entity (1) Chief Financial Officer (1) next level accounting services (1) strategic tax planning (1) pricing analysis (1) exit and retirement planning (1) SECURE 2.0 (1) Setting Every Community Up for Retirement Enhancement 2.0 Act (1) rate (1) medical (1) moving (1) digital enterprise (1) mobile (1) Cloud-Based (1) financial statement (1) forecasting (1) projections (1) projection (1) NOL (1) net operating loss (1) COD (1) Cancellation of Debt (1) forgiven (1) forgiveness (1) financial roadmap (1) quickbooks (1) SafeSend Returns (1) valuing (1) holistic (1) fradulent (1) invoices (1) FIFO (1) LIFO (1) last-in (1) first-out (1) first-in (1) tax changes (1) Business Interest Expense (1) Capitalize Research Costs (1) corporate cash donation (1) equifax hack (1) FICA (1) FUTA (1) medicare (1) normalized EBITDA (1) DCF (1) Business Buyers (1) meals (1) entertainment (1) Outsourced CFO (1) Multistate Payroll Taxes (1) Remote Workforce Taxes (1) Payroll Automation (1) Local Tax Laws (1) Multistate Compliance (1) signs to scale (1) financial insights (1) holistic accounting services (1) reduce operating costs (1) reduce labor costs (1) Energy Credits (1) 401(k) (1) disabled access credit (1) family and medical leave credit (1) retirement plan startup credit (1) retirement plan automatic enrollment credit (1) QuickBooks Cleanup (1) QuickBooks Software (1) loss disallowance rule (1) carryforward (1) distressed business (1) QuickBooks Optimization (1) credit sales (1) collections (1) receivables ratio (1) aging schedule (1) average collection period (1) duties test (1) Agile Business (1) Weather Economic Uncertainty (1) Next Level Accounting (1) Cash Flow Management (1) Projecting Cash Flow (1) Accounting Best Practices (1)

Accounting & Financial News

What’s the Proper Tax Treatment for Intangible Assets?

Intangible assets have become increasingly vital to the value of many companies. While their benefits may be…

Read More

Understanding the CPA’s Role in Detecting Fraud

A role of CPA's is to act as "gatekeepers," emphasizing their responsibilities for identifying fraud risks and detecting material misstatements…

Read More

Partnerships: Tax Considerations When Adding a New Partner

Are you considering inviting an employee or an outsider to participate in your existing partnership? Before making any commitments, it's…

Read More