IRS Press Release:
IR-2017-125, Aug. 1, 2017
WASHINGTON — The Internal Revenue Service, state tax agencies and the tax industry today warned tax professionals that ransomware attacks are on the rise worldwide as bad actors here and abroad infiltrate computer systems and hold sensitive data hostage.
The IRS is aware of a handful of tax practitioners who have been victimized by ransomware attacks. The Federal Bureau of Investigation recently cautioned that ransomware attacks are a growing and evolving crime threatening the private and public sectors as well as individuals.
The “Don’t Take the Bait” campaign, a 10-week security awareness campaign aimed at tax professionals, hopes to increase awareness about these attacks. The IRS, state tax agencies and the tax industry, working together as the Security Summit, urge practitioners to learn to protect themselves. This is part of the ongoing Protect Your Clients; Protect Yourself effort.
“Tax professionals face an array of security issues that could threaten their clients and their business,” IRS Commissioner John Koskinen said. “We urge people to take the time to understand these threats and take the steps to protect themselves. Don’t just assume your computers and systems are safe.”
Ransomware is a type of malware that infects computers, networks and servers and encrypts (locks) data. Cybercriminals then demand a ransom to release the data. Users generally are unaware that malware has infected their systems until they receive the ransom request.
The 2017 Phishing Trends and Intelligence Report issued annually by PhishLabs named ransomware one of two transformative events of 2016 and called its rapid rise a public epidemic.
In May 2017, a ransomware attack dubbed “WannaCry” targeted users who failed to install a critical update to their Microsoft Windows operating system or who were using pirated versions of the operating system. Within a day, criminals held data on 230,000 computers in 150 countries for ransom.
The most common delivery method of this malware is through phishing emails. The emails lure unsuspecting users to either open a link or an attachment. However, the FBI also has warned that ransomware is evolving and cybercriminals can infect computers by other methods, such as a link that redirects users to a website that infects their computer.
Victims should not pay a ransom. Paying it further encourages the criminals. Often the scammers won’t provide the decryption key even after a ransom is paid.
Tips to Prevent Ransomware Attacks
Tax practitioners – as well as businesses, payroll departments, human resource organizations and taxpayers – should talk to an IT security expert and consider these steps to help prepare for and protect against ransomware attacks:
Victims should immediately report any ransomware attempt or attack to the FBI at the Internet Crime Complaint Center, www.IC3.gov. Tax practitioners who fall victim to a ransomware attack also should contact their local IRS stakeholder liaison.