ThinkTWENTY20

In an article in FM Financial Management, dated March 10. 2022, Jeff Drew interviews cybersecurity expert Allison Davis Ward, CPA, who describes what her fellow accountants should be doing to protect their firms, companies and clients in these dangerous times. As he points out, “accounting professionals must remain aware — and wary — of the increased threat of Russia-backed cyberattacks. Just because cybercriminals are not making much noise doesn't mean they aren't making moves.”

According to Ward, cyberattacks are going to continue to increase as a form of weaponry during wartime — even more so than they already have been. “The cyber world allows bad actors and state-sponsored groups to attack from anywhere. Bad actors don't have to be on the ground in a country involved in a conflict to cause significant damage and distress.”

The world's reliance on technology will only increase as it becomes more and more integrated into daily life. Cyberthreats will continue to evolve with those changes.

Ward warns that “attacks on the supply chain go hand-in-hand with state-sponsored cyberattacks. The bad actors' goal for these attacks is to create significant, widespread disruption and damage. What better way to have that impact than to target a joint vendor, supplier, or another third party used by many different organizations in a variety of industries?

Phishing and ransomware — two threats we've come to know very well in recent years — are also to be expected, Ward says. “It's proven that phishing works, and it gives bad actors an entry point to launch many of their attacks. Ransomware continues to evolve, making it extremely difficult for us to battle it. It also can be highly detrimental for an organization, causing many to make a tough decision on whether to pay the ransom. Unfortunately, if the ransom is paid, it only funds the industry further and provides bad actors with the resources to continue carrying out their attacks.

The exploitation of vulnerabilities is rampant and is another area commonly associated with state-sponsored cyberattacks. Vulnerabilities are identified frequently, and organizations do not always patch and mitigate them as quickly as they should. State-sponsored hackers often use a variety of methods to scan systems and infrastructure to identify these unmitigated vulnerabilities. Once found, they use them as the starting point to either launch an attack or to gain entry into a network to perform further reconnaissance.   

Ward thinks that in addition to governmental agencies, “organizations that support our critical infrastructure or provide nationwide services should be most vigilant. The ransomware attacks that Colonial Pipeline Company and JBS Foods dealt with in May 2021 showed us how much cyberattacks on those industries can affect the entire country. The trickle-down effects to individuals were significant.”

As well, she says, attacks on police departments, water treatment facilities, power plants and healthcare facilities could have widespread impacts. “In a time when cyber warfare is a real threat, bad actors are going to aim to attack organizations and industries that will allow them to cause the most damage and the largest disruption.”

For  more and Ward’s advice on what security strategies should be front and centre for organizations right now, see How to prepare for cyberattacks at a time of heightened threat - FM (fm-magazine.com)