Ransomware attack allegedly strikes accounting firm
Ransomware gang Hunters International revealed that a Brisbane accounting practice had been added to their leak site earlier this week.
Brisbane accounting practice, Gibbs Hurley Chartered Accountants, has allegedly been hit by a ransomware attack by Russia-based ransomware gang, Hunters International, according to reports by sister title CyberDaily.
On July 15 ransomware gang Hunters International revealed Brisbane accounting practice Gibbs Hurley had been added to their leak site.
The accounting firm, based in Paddington, Brisbane, provides advice on topics such as taxation and superannuation compliance to SME and high-net-wealth individuals.
Gibbs Hurley is yet to confirm the attack on their database.
Cyber Daily reported that Hunter International released information regarding the accounting firm’s revenue and employee details, which is common behaviour.
At this stage, Hunters International has not set a date or a countdown timer for the publication of the accounting firm’s data.
Hunters International provided no details of the cyber incident, only stating that Gibbs Hurley has an annual revenue of $5.1 million and 25 employees.
This is the second attack by the same ransomware group targeting the industry this year, after Sydney-based firm T A Khoury & Co was added to the group’s dark web leak site in April.
Cybersecurity and systems management firm Tanium said incidents such as this demonstrates the importance of accounting practices taking greater care in protecting their information.
Tanium regional vice president James Greenwood said ransomware attacks on accounting firms are more prominent in the current financial period.
“It’s no surprise hackers targeted an accounting firm during their peak season,” he said.
“It’s unclear how the breach occurred, but the hackers could have used a number of methods, from preying on employees working long hours at tax time through targeted phishing attacks or exploiting known vulnerabilities in unpatched software.”
This ransomware attack by Hunters International has occurred less than one month after their attack on Sydney-based company, Legrand CRM.
Unlike Gibbs Hurley, Legrand CRM CEO Alain Legrand confirmed the “data breach” with Cyber Daily.
Greenwood said there is no “right way” to protect your firm’s financial information from possible cyber threats, however it is important to try.
“Unfortunately, there isn’t one silver bullet solution to protect your organisation from ransomware, however, having visibility over every endpoint is going to significantly reduce your attack surface, and therefore risk,” he said.
Greenwood understands data protection may be difficult for some firms based on a lack of materials.
“It seems like a no-brainer to have eyes on every device coming in and out of your network at all times, but many organisations don’t have the right tools to do this,”
“Without continuous, real-time monitoring, everything from employees’ laptops to servers and routers could be riddled with vulnerabilities without anyone even knowing.”
Though the ransomware attack is yet to be confirmed by Gibbs Hurley, Greenwood emphasises data protection is still an area that all accounting practices should be actively reinforcing.
“Once continuous visibility into endpoints is established, organisations can remove known vulnerabilities by constantly patching, updating, and configuring,” Greenwood said.
“With automated solutions, organisations can monitor endpoints in real-time, rather than every six months. From there, organisations can proactively hunt for indicators of attacks before they can develop further.”
