This writer does not like writing such scary blogs but considering the rate at which people are being hacked these days, he may as well get used to it.
The IT world has been set ablaze with the news that Deloitte, a firm that sits pretty at the top of the “Big Five” accountancy firms, was the target of what news outlets dub as “a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients.” Apart from auditing, Delloite also offers tax consultancy and high-end cybersecurity to Apple, Microsoft, Glaxosmithkline Procter & Gamble, GM, Boeing, Morgan Stanley, Berkshire Hathaway and Starbuck’s and other world-beaters. These companies played their part in ensuring Deloitte hit a record $37bn (£27.3bn) revenue last year.
So far, six of Deloitte’s clients (not necessarily the aforementioned) have been told their information was “impacted” by the hack. If Microsoft is one of the very unlucky six, it remains to be seen how they will react given that the emails to and from Deloitte’s 244,000 staff were stored in their product; Azure cloud service.
Deloitte’s website famously says that “Cyber risk is more than a technology or security issue, it is a business risk,” Ironically, it continues that “While today’s fast-paced innovation enables strategic advantage, it also exposes businesses to potential cyber-attack. Embedding best practice cyber behaviours help our clients to minimise the impact on business.”
The hackers, who used an administrator account to gain unrestricted access to all areas, targeted info of Deloiite’s super clients, which was in abundance on the company’s email system given the first step of auditing is total surrender of information. Usernames, passwords, IP addresses, architectural diagrams for businesses and health information were not spared either.
As the norm is these days, Deloitte is said to have discovered the hack in March this year, a cool 4 or 5 months before the attackers are believed to have accessed the precious systems. Another 6 months were to pass before the information reached the public and sent tongues wagging on the usual conversation.
Who is safe now? If a company that was ranked the best cybersecurity consultant in the world just 5 years ago could not hold its own against cyber attackers, who should not be worried? These guys have a whole CyberIntelligence Centre” to provide clients with “round-the-clock business focused operational security” but still …
Cybersecurity, previously confined to Sci-Fi movies, is becoming real with each passing day. Companies are increasingly conscious of this; something that is being reflected by the many inquiries in our desk. Our clients are demanding cyber-security solutions more than any other of our services and as usual, we are happy to help.
So, have you contacted us? What you gonna do when they come for you?