Protecting Yourself and Your Clients Against Ransomware November 2, 2017

Ransomware attacks are an increasing threat to the public. These attacks indiscriminately affect countless computers and can cause permanent loss of personal, organizational and client data every year. These attacks are responsible for billions of dollars in lost productivity, damaged reputation, and direct financial loss. Even the IRS has warned tax professionals that ransomware attacks are on the rise worldwide, and has launched a security awareness campaign called “Don’t take the Bait” to help tax professionals navigate these threats. You may be asking yourself, “what is a ransomware attack”? Or more importantly, “how do I protect myself, my organization, and my clients from them?

What is Ransomware?
Ransomware is malicious computer software or malware. Once malware has made its way into your computer it infiltrates itself into the operating system, blocking access to files. It can affect your spreadsheets, client tax returns and affect your ability to work. Over a series of days, your files, spreadsheets, photos and documents will be silently encrypted and you will lose access to them. Once the encryption process is complete your system will be locked up and a ransom notice displayed. The notice will give a bounty amount and a time frame to comply. You will have the option to either pay the bounty or risk losing your files forever. Most people don’t even know that they have been infected with ransomware until they are prompted with a ransom request. As financial professionals, we are not only obligated, but legally required to protect our client data. Therefore, these ransomware attacks pose a critical threat to our organizations and our clients.

How does a ransomware attack take place?
The most common methods for a ransomware to infiltrate your system is through email, a malicious download, or a compromised software package. The malware is commonly acquired by opening an email attachment, using a compromised USB memory stick, or downloading from a hacked website.  

Recommendations to stay safe and secure:

1. Email protection. Email and spam filters provide a base layer of protection by filtering potentially threating emails out of your inbox. Fine-tuning your email security settings with email authentication, email file scanning, and additional add-ins for security can add much needed additional protection. Check out Google’s Gmail and Microsoft’s Office 365 for great email hosting with built-in security.

2. Lock down email settings. Most programs like Microsoft Outlook, Word, and Excel offer extensions and security setting adjustments that can be used to mitigate the opportunities for malware infiltration. Check out this article from Trend Micro on how to enable encryption in Outlook.

3. Security software. Utilize up-to-date anti-malware and firewall protections for your network. Check out Trend Micro for superior system and network protection. It includes protection for email, operating system, and all your files.

4. Web Browser ad-blocking. Ad-blocking software can also be added to prevent a malicious site from being clicked by way of an ad banner. Check out Ghostery and Ad-Block Plus for fantastic tracking protection and advertisement blocking. These solutions work on all popular desktop browsers. These two extensions will help keep your browsing experience secure, anonymous, and ad-free.

5. Monitor file access. Rapid file overwriting is one of the key signs of ransomware attacks. Monitoring access to file servers can provide early detection to potential attacks, and allow you to place the computer hosting the attack into quarantine mode, potentially saving the rest of your network. Additionally, consider adding a business grade firewall to your network to monitor access to your network and systems.

6. Update. Always download the latest security patches and updates for your operating system, Internet browser, software, and hardware firmware. Check out this useful article from Carbonite on the different methods and techniques for keeping your system up-to-date.

7. Regular Backups. Keep your system and servers regularly backed up. Many ransomware attacks will access backup files and encrypt those as well, simply because they can be easily accessed through the server. Having multiple file backup sources and keeping those restore points current, testing them often is the best fail safe for any critical attack. Looking for an easy solution? Check out Crashplan and Carbonite for affordable and reliable cloud backup.

Stephen M. Yoss, Jr., CPA, MSIST, is a certified public accountant, the senior technology strategist and principal of Yossio, a continuing education instructor for financial professionals, and a licensed pyrotechnician. While his interests and skills are varied, they all share a common thread—his love for and skill in finding technology-based solutions.

At age 10, Stephen began working with technology; he started his first IT company at just 13, which focused on designing web applications for local businesses. At 15, he began writing original computer code and has been designing and implementing technological solutions continuously since then. Stephen is a graduate of Loyola Marymount University, with degrees in Accountancy and International Business.

In 2009, Stephen formed Yossio, a company focused on helping organizations develop technology strategies to streamline their business operations. Prior to starting Yossio, Stephen worked as an accountant in his family’s practice, Yoss & Allen. At Yoss & Allen, he completely redesigned the firm’s technology practices and instituted a technological infrastructure to streamline the firm’s practices and allow them strategic flexibility.

Since 2009, Stephen has also been teaching continuing professional education, providing written, webcast, in-house, and live instruction. Stephen is also a professionally licensed pyrotechnician and works on major fireworks displays throughout the nation.

View Author Page


How The $3.5 Trillion Budget Blueprint Could Impact Your Clients

The new reporting requirements on brokers are addressed in Section 80603 of the bill. “Broker,” by definition in Sec. 6045 (c)(1), is expanded to include “any other person who (for a consideration) regularly acts as a middleman with respect to property or services…A person shall not be treated as a broker with respect to activities consisting of managing a farm on behalf of another person.” In turn, the bill defines a “digital asset” as “any digital representation of value which is recorded on a cryptographically secured distributed ledger or any similar technology as specified by the Secretary.