Why are accountancy firms targets for cyber-attacks?

Accountancy firms face an increase in cyber risks as criminals switch their focus to ‘softer target’ smaller businesses. In this blog, we review why accountancy firms are targets for cybercriminals and what steps you can take to minimise your risk.

(Source: Keeping Accounting Firms Secure - 5 Key Considerations of a Cybersecurity Plan)

Small accountancy practices (and small businesses) are not exempt from the disruption of cyberattacks that affects large organisations. Being a smaller firm can make them more vulnerable, and with more filings now taking place online, the risk has increased. So why would accountants be targeted by cybercriminals?


They want your clients’ data

The information cybercriminals want includes financial data, Tax IDs, bank account details, payroll data and employee details. Accounting firms all use similar computer software, so if a criminal can find a vulnerability that can be exploited, they immediately have lots of potential victims. Typically there isn’t enough investment in online security, and policies and procedures aren’t in place, which can leave firms wide open to a cyber attack.


If your firm doesn’t have an incident response and business continuity procedure in place, accountants are more likely to pay cyber criminals money because they fear they may not be able to recover from an attack, whether in terms of the firm’s reputation or financial loss.


Remember: If you are currently subjected to a live and ongoing cyber-attack then please contact the police on 101.
If you suspect you’ve been scammed, defrauded or experienced cybercrime, then please report this to Action Fraud.

Many accountancy firms are making life easier for hackers by underestimating the threat they face. As we all adapt to being a more remote workforce, there has been a 300% increase in cyberattacks on accounting practices of all sizes. Attacks are sophisticated and often strike when accountants are working at the year-end or when tax return deadlines are due.


“With the increase in the remote workforce and ongoing COVID pandemic, there has been a 300% increase in cyberattacks on accounting practices of all sizes.” - Accounting Today


Gateway to Information

With the amount of valuable data self-employed accountants and practices hold on their clients, hackers want to intercept this information to enable them to pull off complex frauds. The more information they can find or trick you into giving up, the better a picture they can build of a business or individual whose bank account they intend to target.


Accountancy firms are viewed as a “gateway” to getting this sensitive information and can be perceived as a soft target with fewer security barriers and little or no in-house expertise for a hacker to get past. Hackers are motivated to find vulnerabilities in accounting software, knowing there is a high reward to be had by exploiting the weakness and then attacking multiple businesses that use the same software.



Small but not safe

According to the Cyber Security Breaches Survey 2021, 39% of small businesses identified at least one breach or attack in the last 12 months. SMEs can then be faced with greater disruption than a larger business as they lack the processes and cyber expertise. The impact on small business operations and the inability of staff to carry out their work can have long-lasting consequences, not only for the practice itself but also its clients.


Minimise your risk – 5 steps to cyber resilience

Your business is never too small to be targeted. However, with the right measures in place, no business is too small to start to protect itself. Accountancy firms can set the example by following these top cyber-security tips:


  • Ensure they have a firewall and anti-virus/anti-malware solutions and remember to install all updates and patches regularly. This stops criminals from exploiting faults in old systems or software.

  • Ensure all business-critical data (customer data and financial information) on all company devices is securely backed up (either in the cloud or on a remote device) and can be restored if needed.

  • Ensure a clear security policy is in place for staff, create a cyber-conscious culture in the workplace and ensure the policy is communicated to all personnel so they are aware of their responsibilities.

  • Staff should undergo regular security awareness training so employees are constantly updated about the latest scams and ways they can stay secure both in the office and working remotely.

  • Have an up-to-date incident response plan that is practised regularly so that employees know what to do if they suspect there is an attempted breach, a phishing email has been received or if a cyber incident occurs.

How can the Cyber Resilience Centre for the West Midlands help my accountancy firm?

To help accountants and accountancy firms outsmart cybercriminals and toughen up their cyber security, the Cyber Resilience Centre for the West Midlands can offer a Premium Membership, through which we can help you identify your risks and vulnerabilities. We show you the steps you can take to increase your levels of protection, whilst also giving your staff an incident response plan and testing their knowledge of the latest threats through a phishing exercise.
