ACCOUNTING GIANT DELOITTE HIT BY CYBER ATTACK
26 September 2017, Written by David Simmons
ONE of the "big four" accounting firms, Deloitte, has been hit by a cyber-attack that has compromised the confidential emails and plans of its blue-chip clients.
In a report by The Guardian, the accounting firm was the victim of a cybersecurity attack that went unnoticed for months.
The hack is an ironic twist of fate for the mammoth firm, which specialises in high-end cybersecurity advice to some of the world's biggest banks and multinational companies.
The company has attempted to downplay the severity of the attack, claiming it only impacted "very few" clients, but according to The Guardian's sources the breach dates back to as early as October 2016.
The hack is reported to involve all administrator accounts at Deloitte as well as the company's entire internal email system.
So far, six of Deloitte's clients have been told their information was "impacted" by the hack as Deloitte's internal review continues.
Following The Guardian's report, further details trickled out. According to respected cyber security journalist Brian Kerbs, it appears the hackers transferred a significant amount of information that includes confidential data.
Kerbs' report says the company is currently unaware of the extent of the breach, when the breach occurred, nor for how long the hackers were inside Deloitte systems.
In addition to confidential emails stored on Deloitte's servers, it is reported that hackers have accessed usernames, passwords, IP addresses, architectural diagrams, and health information.
The hacker accessed Deloitte's gloabl email server through an "administrator's account", granting them unrestricted access to the company's data.
The Guardian reports the administrator account required only a single password and did not have "two-step" identity verification, a widely used standard in cybersecurity.
Emails to and from Deloitte's 244,000 staff were stored in the Aszure cloud service, which was provided by Microsoft. The Azure service is similar to other cloud based document storage systems like Amazon Web Service and Google's Cloud Platform.
The Guardian reports an estimated 5 million emails were based in this cloud platoform. Deloitte said the number of emails that were at risk was a fraction of this number but declined to elaborate to The Guardian.
So far, no individual or group has claimed responsibility for the attack, but early reports suggest the hackers were commercially motivated, and sought confidential information to sell or use for insider trading.
According to a source close to Deloitte, reported by Kerbs, the company's investigators have identified several gigabytes of data being transferred to a server in the United Kingdom.
Kerbs' source further said the hackers had free reign in the network for a "long time".
The breach is believed to have been US focused, but was so sensitive that only a few of Deloitte's most senior partners and lawyers were informed.
On 27 April, 2017, Deloitte hiredd the US law firm Hogan Lovells on "special assignment" to review what it called a "possible cybersecurity incident".
In a statement to the media, Deloitte says it has responded by implementing fresh security protocols across the board.
"Deloitte remains deeply committed to ensuring that its cyber-security defences are best in class, to investing heavily in protecting confidential information and to continually reviewing and enhancing cyber security," said the company in a statement.
In 2012 Deloitte was ranked #1 globally in security consulting based on revenue.
More to come.
Business News Australia
Author: David Simmons