Accounting Firm Hit with$300,000 ransomware – TWICE?

Will you be next?


I would like to share a story about an incident when a new customer called us about being hit with $600,000 in ransomware! I will layout what happened and how you can avoid this from happening to your company. The accounting firm has two sites with 25 people working at each location. Both sites were hit separately with ransomware that encrypted their data and a request to pay $300,000 per site to get an encryption key that would un-lock the data. Each site story is similar in nature to we will tell you the story from the first site.

Our office received a frantic call from an accounting firm. The company needed immediate IT help because they were ground to a halt (no one could work), their files and applications were locked up encrypted by ransomware. eSudo met with the accounting representative that originally called us and learned she was the CEO. Her IT provider promptly joined us in the meeting to discuss available options. They asked us to perform a security assessment to help find out what happened and where they were weak on network security. In the process, we found out they had employees that were currently working from home due to the COVID virus outbreak. Their designated IT provider allowed the remote employees to use the default Windows Remote Desktop Protocol (“a non-secure connection”) to access their office computers over the Internet. In turn, this is how the hacker was able to gain access to the company’s computer systems and encrypt their files with ransomware. eSudo also learned that the company did not have a business-grade firewall to prevent and protect their internal network, computers, and data. The IT provider used a consumer grade wireless router as their firewall, thinking this is good enough. It was not! Her current IT provider did very little to protect the network. With little effort, the hacker gained access to the network and caused major damage. eSudo found very little network protection was in place for this company, allowing the breach in security to render them completely compromised once the attack took place and ransomware had all the data locked-up. Since the CEO had signed a contract with this IT provider, she felt her company was safe and secure. It was not! As a result, the hacker gave them 24 hours to pay $300,000 before they would give them the encryption key needed to restore their files and customer information.

My name is Matthew Kaing, CEO of eSudo Technology Solutions. I do realize that my opening claim may seem “sensational,” and that you’d be tempted to ignore this message, thinking I’m just another vendor looking for a paycheck. Maybe you think, “we’re fine.” It’s natural to insist, “Not in MY company,” or to think your IT person or company has you covered.

The growth and sophistication of cybercriminals, ransomware, and hacker attacks have reached epic levels, and a NEW approach to protection is now required. Our experience has shown that the majority of small business and their IT staff fail to understand the importance of computer security protection and maintenance until disaster strikes, leaving them to learn by catastrophe. Security problems are typically due to a failure to take the steps required to secure the company network, or a delay in implementing of system updates due to ‘more important business tasks’, or simply because they ignore the threat completely. As a business owner, it is very important to know the risk your company is facing, address the vulnerabilities, and secure your company. Because, when it comes to IT Threats, “you don’t know what you don’t know”, eSudo can help give you and your company a pro-active approach to solving IT security issues.

After years of managing computer networks for thousands of small business in legal services and accounting firms, eSudo has discovered many common security mistakes companies make along the way. My team and I have found 4 distinct roles to perform when protecting your company to prevent a major disaster like the one listed above. This led me down the path of creating a unique Security Network Assessment (see link below), so that you can get instant clarity on how to immediately fix issues and protect your business.

Go here to learn how to keep your data protected and schedule one-on-one network security review

See you inside,

Matthew Kaing

  • Call an eSudo San Jose IT Consultant at 408-216-5800 or complete this form to get started.

  • (Please be as detailed and specific as possible)
  • Remark: We will collect your information for marketing purposes. However, we respect your privacy rights. If you wish to access or amend any Personal Data we hold about you, or request that we delete any information about you that we have collected, please send us an email:
  • This field is for validation purposes and should be left unchanged.