Posts Tagged ‘cybercriminals’

Help The FBI Find A Defense Against Ransomware

Monday, September 19th, 2016
Help Fight Ransomware - Ohio CPA Firm

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Keep reading to find out how you can help the FBI combat the threat of Ransomware.

The FBI recently released a public service announcement urging victims of Ransomware attacks to come forward and report these cyber infections to federal law enforcement. Doing so, the FBI said in a statement, will “help us gain a more comprehensive view of the current threat and its impact on U.S. victims.

Read Also: Could Your Company Be Ransomware’s Next Victim?

A Closer Look At Ransomware

A computer infection that has been programmed to encrypt all files of known file types on your computer and your server’s shared drive and making them inaccessible until a specified ransom is paid; Ransomware is a very real threat to all businesses nationwide. Once a computer is infected, which usually happens once a user clicks on a malicious link, opens a fraudulent email attachment or unknowingly picks up a high-risk automatic download while surfing the web, it’s all but impossible to regain access to the data that has been infected. Upon discovering that your computer has been infected, you have two choices. You can either:

1)     Restore the machine by using backup media, or

2)     Accommodate the hacker’s demands and pay their ransom.

And both options are less than ideal.

What To Do If Your Company’s Network Becomes Infected

Ransomware infections were at an all-time high in the first several months of 2016, according to various cybersecurity companies, and because new Ransomware variants are emerging regularly, the FBI needs your help to determine the true number of Ransomware victims.

“It has been challenging for the FBI to ascertain the true number of Ransomware victims as many infections go unreported to law enforcement,” the agency stated in its recent announcement. “Victims may not report to law enforcement for a number of reasons, including concerns over not knowing where and to whom to report; not feeling their loss warrants law enforcement attention; concerns over privacy, business reputation, or regulatory data breach reporting requirements; or embarrassment. Additionally, those who resolve the issue internally either by paying the ransom or by restoring their files from back-ups may not feel a need to contact law enforcement.”

Read Also: How Much Is Your Data Worth To Criminals?

Reporting a Ransomware attack on your company’s network is not only beneficial for you, the information you provide will help the FBI as it works to identify ways to prevent future attacks. Your reports will:

  • Provide law enforcement with a greater understanding of the threat
  • Help justify Ransomware investigations
  • Contribute relevant information to ongoing Ransomware cases

Help Arm The FBI With Information

The recent PSA released by the agency requests that all Ransomware victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center. Be sure to have the following details available and ready to provide to the respondent when prompted (if applicable).

  1. Date of Infection
  2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
  3. Victim Company Information (industry type, business size, etc.)
  4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
  5. Requested Ransom Amount
  6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
  7. Ransom Amount Paid (if any)
  8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
  9. Victim Impact Statement

The FBI recommends users consider implementing prevention and continuity measures to lessen the risk of a successful Ransomware attack. Click here to read the FBI’s complete announcement.

To learn more about protecting your business from cybercrime, download the free whitepaper, “Cybercrime: The Invisible Threat That Haunts Your Business.”

Share Button

Last Minute Tax Tips, Financial Stress and Cybercriminals …

Monday, May 2nd, 2016

April’s Top Posts Had Readers On Edge

So our month was pretty intense … how was yours? The good news is that we made it through another tax season, the bad news is that business owners are clearly still on high alert due to continuous influx of hacker activity. Take a look at our top five blog posts in April for some useful tips and insight you can use all year long.

Top 5 Blog Posts For Business Owners In April

  1. Can A Cybercriminal Crack Your Company’s Network? Small and midsize businesses are not immune to becoming the target of a crippling cyberattack and without the proper procedures in place business owners risk the very real threat of a large-scale assault on their company’s data. Would you be able to recover if your organization was attacked?
  2. How Flexible Is Your Company’s Management Style? Never before has the American business owner had to manage a workforce consisting of employees whose ages span five generations. And because each generation is unique, your company’s leadership team is left with the impossible task of adopting a management style to accommodate an incredibly diverse workforce. Keeping reading to learn more.
  3. What Tax Liabilities Accompany Inherited Real Estate? So you just inherited some real estate. You’re probably now wondering – is this a blessing or a curse? From the tax perspective, of course. And that’s a good question to ask. Just because you inherit something doesn’t mean that you’re free and clear of any potential tax liabilities. Depending on how you use the property and if you sell it will determine if you have a taxable situation. So here’s what you should know about taxes and inherited real estate. Read on to learn more.
  4. Increased Financial Stress Hurts Your Company’s Bottom Line Earlier this month, in a proclamation that reiterated the importance of equipping everybody with the “knowledge and protections necessary to secure a stable financial future for themselves and their families,” President Obama declared April to be National Financial Capability Month. While the timing of the proclamation makes this a great time to raise general awareness about the importance of financial fitness, businesses have a great opportunity to educate their employees about the importance of financial wellness all year long.
  5. How Can You Track Use Tax in QuickBooks? Now that you have filed for use tax amnesty and are all set up with an account, how are you going to track it daily going forward? If you use QuickBooks, the answer is as simple as 1-2-3.

April was great, but we are excited to see what May brings. More tips for business success? More financial news and updates? Personal finance advice? Of course! Stay tuned.

Don’t want to miss a post? Make sure you have subscribed to our blog so you don’t miss a single post.

Share Button

Phishing Scam Is A Threat To Ohio Businesses

Monday, March 28th, 2016
IRS Phishing Scam - Ohio CPA Firm

You can take a proactive stance when it comes to protecting your company from these scams by encouraging your employees to pay close attention to emails that request sensitive information, such as the names of employees, Social Security numbers, dates of birth, addresses and/or salary information or copies of employee’s W-2 information.

The Ohio Department of Taxation (ODT) is echoing phishing scam alerts made by the IRS earlier this month in an effort to protect businesses and employees state-wide from identity theft and tax fraud.

Read Also: Payroll, HR Departments Targeted By Cyber Criminals

According to ODT, payroll and human resources offices at companies nationwide – including some in Ohio – reportedly received emailed requests that appear to be sent from a high ranking member of the company’s management team requesting confidential payroll data. While the emails appear to be legitimate, they are actually being sent by cybercriminals who are looking to fool employees into sending them detailed payroll and W-2 information. The imposters then use the information to file fraudulent tax returns.

“The scam has worked on more than 30 companies resulting in the theft of W-2 tax information for thousands of current and former employees,” ODT’s news release states. “The W-2 form contains an employee’s Social Security number, salary and other confidential data. This information enables thieves to create a realistic looking, but fraudulent tax return requesting a tax refund that is then filed with Ohio or other states, and the IRS.”

The frequency of tax fraud and identity theft continues to increase at an alarming rate. This tax season alone, the IRS reported an approximate 400 percent increase in phishing and malware incidents – a surge that was addressed back in February.

“If your CEO appears to be emailing you for a list of company employees, check it out before you respond,” said IRS Commissioner John Koskinen. “Everybody has a responsibility to remain diligent about confirming the identity of people requesting personal information about employees.”

You can take a proactive stance when it comes to protecting your company from these scams by encouraging your employees to pay close attention to emails that request sensitive information, such as the names of employees, Social Security numbers, dates of birth, addresses and/or salary information or copies of employee’s W-2 information. You can also let them know that they should never send sensitive information until a conversation takes place, either in-person or over the phone, with the member of management seeking the information. You can also check out the information provided here for general insight from ODT that could be used to help your employees identify phishing attempts and email scams.

If your Ohio business has been the victim of or experienced this or any other type of email phishing scheme, contact ODT immediately at 800.282.1780 to protect against potential tax fraud and safeguard Ohio taxpayer dollars.

Those who are interested in learning more about the increasing threat of cybercrime should check out The Columbus Cybersecurity Series. Presentations are scheduled to take place throughout the year and will focus on ways to help business owners learn more about cyber threats. The first installment is scheduled for Wednesday, April 6. The event is free but registration is required to attend. Attendees will walk away with new insight into these attacks as well as tips and advice that will help you protect your business.

By Lisa Beamer, CPA (New Philadelphia office)

Want to protect your employees from identity theft and tax fraud or need help recovering? Check out these articles:

How Can You Protect Yourself From Tax Fraud

Identity Theft Prevention: Tips To Reduce Your Risk of Becoming a Victim

How To Recover From Identity Theft & Refund Fraud

Share Button

Could Your Company Be Ransomware’s Next Victim?

Wednesday, July 8th, 2015
Preempt A Crisis - Rea & Associates - Ohio CPA Firm

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

The malware known as CryptoLocker or CryptoWall continues to be a major concern for individuals and companies alike. So much so, that the FBI saw fit to issue a warning just last month and help raise further awareness about the threat.

According to the FBI, this Ransomware continues to evolve, which helps it avoid user’s virus detection software applications – even if they are current. Since April 2014, reported the FBI, there have been 992 incidents of CryptoLocker reported. These occurrences have resulted in the loss of around $18 million.

Read Also: How Much Is Your Data Worth To Criminals?

The Threat Is Real

Ransomware is a computer infection that’s been programmed to encrypt all files of known file types on your local computer and your server’s shared drives. Once it takes hold, it’s all but impossible for you to regain access to the data that’s been infected. Once this happens, you have one of two choices. You can:

  1. Restore their machine by using backup media, or
  2. Accommodate the hacker’s demands and pay up.

As a direct result of my experience as an IT audit manager, I have been made aware of several situations in which businesses were left with no choice but to succumb to the demands of malicious cybercriminals carrying out Ransomware attacks. And while the companies I have worked with were finally able to obtain their assailant’s encryption key code to unencrypt and regain access to their data after the ransom was paid, others are not as lucky – after all, the FBI has reported $18 million worth of losses in just over a year. Furthermore, there are no guarantees that you won’t be targeted again in the future.

Preempt A Crisis

While there is no surefire way to prevent a Ransomware attack on your data, it’s wise to implement the following best practices to reduce the possibility of infection or reinfection.

  • Implement mandatory computer safety training for all employees and implement and test an IT Disaster Recovery Plan in place.
  • Always use reputable antivirus software and a firewall and be sure to keep both up to date.
  • Put your popup blockers to good use. Doing so will help remove the temptation to click on an ad that could infect your computer.
  • Limit access to company’s data by ensuring that only a few employees have access to certain folders and data. You can facilitate this type of action by conducting annual reviews of your company’s employee access rights.
  • Backup all company-owned content. Then if you do become infected, instead of paying the ransom, you can simply have the Ransomware wiped from your system and then reinstall your files once it’s safe again to do so.
  • Never click on suspicious emails or attachments, especially if they come from an email address you don’t recognize. And actively avoid websites that raise suspicion.

Shut Down The Attack

If you are surfing the Web and a popup ad or message appears to alert you that a Ransomware attack is in progress, disconnect from the Internet immediately. Breaking the connection between the hacker and your data could help stop the spread of additional infections or data losses. In addition to informing your company’s IT department about the threat or occurrence, be sure to file a complaint with your local law enforcement agency.

Email Rea & Associates to learn more about the importance of your company’s online security.

By Joe Welker, CISA (New Philadelphia office)

 

Related Articles

Beware Of The Small Business Wire Transfer Scam
Could A Cyber-Attack Cripple Your Business In 2015?
8 Tips For Crafting A Strong Password

Share Button

How Much Is Your Data Worth To Criminals?

Friday, March 13th, 2015
Ransomware

There is no way to completely protect yourself and your network, but there are ways to preempt an attack against you and your business.

How much would you pay to regain access to your company’s network if it was compromised and held for ransom? Are you willing to shell hundreds of dollars to take your information back from a cybercriminal, or are you willing (and able) to just walk away and start anew? I wish I were asking hypothetical questions but, unfortunately, the increased popularity of Ransomware has made the risk of such an attack a very, very real possibility.

Sandra Ponczkowski, a manager of the IT security company KnowBe4, recently shared Your Money or Your Life Files, a whitepaper that details the history and real threat of Ransomware, a computer infection that encrypts all files of known file types on your local computer and server shared drives. Once infected, it becomes impossible for you to access your documents or applications that use these encrypted files. The only way to recover from such an infection is to either restore your machine by using backup media, or accommodating the hacker’s demands and paying their ransom.

Unfortunately, I know of several situations where the businesses involved in a Ransomware attack had no choice but to pay ransom demands to the cybercriminal. The silver lining for these companies was that, upon paying the ransom, they were able to obtain the assailant’s encryption key code, which allowed them to unencrypt their data and regain access to their data.

Long-term protection, however, cannot be guaranteed and there is a chance that your data can be held for ransom again.

The literature provided by KnowBe4 details the fluency with which the popular Ransomware infection CryptoLocker changes and adapts once a solution to unencrypt infected data files becomes available. When this happens, the CryptoLocker infection will evolve into a new strain, thus making the previous solution unusable.

While there is no way to completely protect yourself and your network, there are ways to preempt an attack against you and your business. I recommend the following best practices.

  1. Train yourself and your employees about computer safety practices.
  2. Complete a yearly review of your employee’s access rights to company-owned computers, server folders and backup media. For example, only a few, strategic employees should have access to the company’s folders and data. As a general rule, employee access should be restricted to include only the programs and software required for them to do their jobs. This also applies to work-from-home employees who typically attach a USB drive to their machines for backup protection.
  3. If you don’t already, put a disaster recovery in place and test it ever year to ensure accuracy and completeness.

Following these practices should make your business’s Ransomware prevention and recovery much easier. Email Rea & Associates to learn find out more about the importance of protecting your company’s online security.

By Joe Welker, CISA (New Philadelphia office)

 

Related Articles

Who’s Fishing For Your Data Today?

Beware Of Small Business Wire Transfer Scam

Could A Cyber-Attack Cripple Your Business In 2015?

Share Button