Accenture, a massive global consulting firm, was recently hit by a ransomware attack. Even though Accenture spends a fortune on cyber security, this attack shows the difficulties in protecting a global organization of massive proportions. Accenture beefed up their cyber security defenses in recent years, acquiring multiple security focused companies including Sentor and Novetta, one of the biggest data management companies that the federal government uses. Regardless of how big and robust Accenture’s security is, this attack is a stark warning to big corporations—no matter the size, you are always a target.
The initial reporting on the attack began after the LockBit ransomware gang posted a timer counting down to the publication of the data stolen in the attack if the $50 million ransom wasn’t paid. Following the initial attack, Accenture claimed to have identified and “Immediately contained the matter and isolated the affected servers. We fully restored our affected systems from back up. There was no impact on Accenture’s operations, or on our clients’ systems.” in a statement to CNN. Several hours later, CNBC Reporter Eamon Javers reported that LockBit had released a dump of 2,400 Accenture documents which was largely comprised of PowerPoints and case studies.
These hackers have now published almost 2,400 files to the Dark Web, according to CNBC analysts at Q6 cyber. The files appear to be PowerPoints, case studies, quotes and the like. No comment yet on the theft from Accenture.
— Eamon Javers (@EamonJavers) August 11, 2021
It is quite easy to see the trend of increasing ransomware attacks—between 2019 and 2020, attacks rose worldwide by 62% and by 158% in North America alone. The reason for the rise in attacks is because companies are more likely than ever choosing to pay a ransom to get their data and information back. This has created a “get rich quick” attitude for cyber criminals, knowing that their needs are met with ransoms being paid out quickly. In addition, one of the biggest drivers of ransomware attacks is the number of online users. As years go by, the growing number of people online skyrockets, the pandemic bringing a massive amount of fuel to that fire. In a report published in 2020, Cybersecurity Ventures expects global cybercrime to grow by 15% each year surpassing $10.5 trillion USD by the year 2025.
To most people, the first inclination to seeing the headline “Accenture hit with ransomware!” will be to blame Accenture for allowing the attack in the first place. In some ways that is fair; there are probably ways they could further refine their cybersecurity performance, and they will surely be identified and mediated in the post-mortem of the incident. However, Accenture also responded to this incident exactly as they should; they had the right protocols and procedures in place to minimize the damage and to avoid having to pay a multimillion-dollar ransom. It seems that in this case they did everything right in the aftermath of the infection by correctly quarantining the systems, identifying the infection, refusing to pay the ransom, and eliminating the threat by restoring the infected machines from backup. This is a lesson that hopefully many can learn from as we weather the storm of increased ransomware attacks in the years to come.