CPA Data Protection: A Ransomware Tale

Like most small business owners, Susan (not her real name) juggled a lot … and sometimes things would get missed. We can all relate to that. But in this case, the “missed thing” almost cost Susan everything. Read her cautionary tale.


Last Updated September 16, 2021


A Cruel (Cruel) Summer … Data’s Gone

Most of us think of summer as a time to relax; we think about our vacations, longer lunches, and extended breaks outside enjoying the weather. Susan (not her real name) thinks about summer a little differently. She remembers it as the season she almost lost her business because of a hacker.

Susan runs a twenty-person CPA firm in Philadelphia. She’s smart, hard-working and successful. She’s a great CPA and pretty good with technology, too.

But, like most small business owners, Susan juggles a lot. Competing priorities = sometimes things get missed. We can all relate to that. In most instances, the missed “thing” won’t cost a fortune to remedy or bring your business to a standstill … but in Susan’s case, that’s exactly what happened.

Susan’s Data Security Story

Although Susan was a strong advocate of cloud environments, many of her employees were still storing and maintaining files internally and on their devices. Her accounting system (QuickBooks) was also resident on an on-premises server, managed in-house. She hired an IT consultant for data protection. He appeared sporadically, mostly for break/fix work, and at first glance this basic support was fine.

The IT systems at many CPA firms and small businesses look similar to Susan’s. These firms:

  • Leverage cloud computing for some applications
  • Have sensitive data stored in cloud applications, a dedicated server, employees’ workstations, flash drives, etc.
  • Assume OS (operating systems), applications and software are automatically updated
  • Get IT support only when they (think they) need it

How One Hacker Brought the In-House Server Down

One day in mid-July, a ransomware virus attacked her firm. Once unleashed, the ransomware virus attacked all files, connected devices and servers on her network and encrypted them.

Encryption technology uses sophisticated mathematical functions to make data inaccessible and unreadable to individuals without the appropriate code or password.¹ Used justly, encryption technology protects data from thieves. In Susan’s case, however, the thieves were using their own encryption technology to block her from accessing her own data.

Users were delivered a red warning screen informing them that their files were encrypted, and to get the files back, they would need to enter a unique code. How to get the code? From the ransomware creator via email or phone number.

And (like the term ‘ransomware’ suggests) she would only get the code after paying a $100 ransom. In Susan’s case, the ransom payment needed to be in Bitcoin. Susan, of course, didn’t have a whole lot of Bitcoin lying around. And even though $100 wasn’t a lot of money for her, she was furious.

Some random hacker was able to bring her in-house server down with ease. She wasn’t about to pay that person for the right to take back her own data.

Plus, she was concerned about whether paying would truly end the problem. Would he now be able to return anytime he wanted a payday? Would the next ransom be 10x the amount? 100x?

Local IT Didn’t Specialize in Data Protection

First—Susan asked her IT guy when he had last backed up her data. To her dismay, he hadn’t performed a thorough data backup in months. So, restoring yesterday’s backup on new hardware (while they dealt with the hacker) wouldn’t be an option. Her firm was at a standstill. Her CPAs couldn’t do anything but wait.

So for five grueling days in July, Susan had her IT person try everything. She brought in another consultant. She shelled out a few thousand dollars to avoid dealing with the hacker.

The business was at a standstill:

  • Invoices couldn’t be tracked and payments couldn’t be recorded.
  • Client files? Inaccessible.
  • Meetings? Canceled.

Weeks after the event, she admitted:

“Things were teetering on the brink … I had no options to fix this and a business to run.”

Ultimately, Susan caved to the hackers. She begrudgingly paid the hundred bucks. She got the encryption key so that her employees could get back to work. She learned her lesson that summer.

So this is what she did next.

After firing her IT person and her IT consultants, she contacted the team at Right Networks to learn more about their cloud hosting plans. Susan moved all of her files—and even her accounting system, QuickBooks Desktop—to a cloud hosting service.

Now, her data is in the cloud and the latest security software is on every network-connected device. No more self-managed, on-premises server; data is stored in multiple data centers and backed up nightly. A team of network security experts monitors her company’s activity 24/7/365 (and immediately reports anything suspicious).

Only YOU Can Help Prevent Cyber Breaches

Will the data be 100 percent secured by Susan’s new services? Well, no one cloud hosting or IT service can promise that. To remain secure, every employee and client must exercise caution and continuously educate themselves about the latest cyber threats.

But at the very least, she can take comfort that the people holding onto her data specialize in cloud services and cloud server security, and are monitoring for intruders 24/7/365.

“One thing I’ve learned over the years,” she said to me recently, “is that there are some things I do well and some things that are best left to the experts.”

Today, Susan is back on track. Business is good and the incident is behind her. Susan now even gives talks to her clients on the importance of working in the cloud to stay safe.

Will she ever forget that experience from the Summer of 2017? Not likely. Does she have a new respect for cloud data security? Oh yes.
