Please ensure Javascript is enabled for purposes of website accessibility
September 28, 2023

Cyber Extortion: Leprechauns vs. Accountants

To capture the spirit of St. Patty’s day, let’s discuss a cunning technique that nefarious leprechauns use to steal your pot of gold: cyber extortion. Boiled down, cyber extortion is an age-old blackmail scheme with a digital twist.

It starts with an unlucky target, such as a database housing sensitive information. A leprechaun (read: hacker) infects the target with ransomware or otherwise restricts access. Then — like an Oscar-worthy Hollywood villain — the leprechaun demands money, adding caveats to expedite the payment. For example, if payment is not received promptly then the leprechaun will delete the data or share it publicly. Of course, to really pack a punch, losing the data forever or having it leak to the world is hard for the data owner to stomach because, you know, absolute ruin is compelling.

Once the leprechaun receives payment, assuming all conditions are met, data access is restored and everyone can breathe easy again.

It’s high time accountants get cyber extortion on their radar to avoid this unpleasant experience and protect themselves from paying a sizable ransom. A recent Accounting Today article cites that cyber liability is a growing threat and accountants are prime targets. Given the types of information accountants are privy to these days, it’s not a huge surprise someone might want to hold it hostage.

Here are a few dos and don’ts for accountants (especially those at smaller firms) to consider with regard to cyber extortion:

Do use an encrypted email service. Once hackers compromise an email system, all bets are off. For many cloud-based systems, access is only a “lost” password request away. Click on that password reset email link and bingo. A hacker doesn’t even need to use ransomware to break in and restrict access. Email passwords must be closely guarded and encryption is vital during email transmission and storage.

Do consider a cyber liability insurance plan. Cyber liability insurance plans cover claims arising from hacking attacks (including ransomware) and loss of sensitive data. Policies often reimburse for ransom payments, client notification expenses, legal fees, credit monitoring subscriptions, and forensic service fees. The AICPA offers CPA NetProtect underwritten by Continental Casualty Company (CNA). CPAGold and Camico are other options with varying cyber liability coverage. And, if laptops simply go missing on a regular basis, some policies even cover the cost to recover or recreate lost data.

Don’t assume general liability insurance covers cyber claims. Cyber claims are not usually covered under your run-of-the-mill error and omission (E&O) insurance coverage. It would be very unfortunate to get denied for a claim after assuming the premiums you already pay will cover it. Be sure to check pronto.

Don’t assume your cloud storage provider has cyber liability insurance. Relinquishing your control of servers to a third-party service provider means the risk management is passed off to the provider, right? Maybe… maybe not. Attorneys suggest that you “review your contracts to determine whether or not you are still legally responsible for the security of the information you store in the cloud.”

Don’t assume a Mac will protect you. Just last week a new ransomware hit the scene, attacking the previously impenetrable Apple fortress. Reuters reported this was the first time Apple has been hit with a large scale ransomware infection. Moral of the story: No one is safe.

Even if you weren’t worried before, are you now concerned about cyber extorting leprechauns? If so, would you consider buying cyber liability insurance? Tell us in the comments.

Image: Ignacio Leo / Wikimedia Commons

Latest Accounting Jobs--Apply Now:

Have something to add to this story? Give us a shout by email, Twitter, or text/call the tipline at 202-505-8885. As always, all tips are anonymous.

Comments are closed.

Related articles

Upset stressed woman holding cellphone disgusted shocked with message she received isolated grey background. Funny looking human face expression emotion feeling reaction life perception body language

6 Ways Email is Secretly Destroying Your Accounting Firm

Email: The word itself sounds innocent, doesn’t it? Kind of like “snail mail,” but faster, sleeker, and without the slimy trail. But don’t be fooled—email is secretly a sinister beast, hiding in the shadows as it plots to destroy businesses—including your accounting firm. If your accounting firm still relies heavily on email for client communication […]

an empty office to represent talent shortage

Research: The Talent Shortage is Starting to Take Its Pound of Flesh From Corporate Tax Departments

This morning, Thomson Reuters released new research that reveals both corporate tax and global trade departments state they are under-resourced for technology and talent. This, naturally, is increasing risk in the form of penalties and audits. The latest research piggybacks a bit on what was revealed in their Future of Professions report released last month. […]