back to article Late with your financial paperwork? Here's a handy excuse: Malware smacked your bean-counter cloud offline

A global software-as-a-service platform catering to accountants is in damage control mode after a malware infection knocked its services offline. Netherlands-headquartered Wolters Kluwer, the software company behind the CCH suite of web-based tax preperation tools for professional accountants, said in a statement it does not …

  1. N2 Silver badge
    Trollface

    never give unauthorized access to the data...

    Until when?

    Thats a fine crystal ball you have there sir.

  2. Andy The Hat Silver badge

    Obvious question

    " ... CCH suite of web-based tax preperation tools for professional accountants." (sic)

    So which tools do unprofessional accountants use?

    Perhaps we should sell wire strippers for qualified electricians ...

    Spanners for qualified mechanics ...

    A full manual for professional MS Office users ... oh sorry, that's just pushing expectation too far!

    1. katrinab Silver badge
      Trollface

      Re: Obvious question

      "So which tools do unprofessional accountants use?"

      They use Excel

      CCH is utter garbage though. If you think Sage is bad, you haven't seen what the alternatives are like.

    2. Fatman
      Joke

      Re: Obvious question

      <quote>So which tools do unprofessional accountants use?</quote>

      Quick books????

  3. Anonymous Coward
    Terminator

    Wolters Kluwer hit by Mega Cortex Ransomware

    Wolters Kluwer working to restore all UK services following a reported Mega Cortex Crypto Ransomware infection.”

  4. Pascal Monett Silver badge

    "Assuming CCH has good backup in place"

    I'm assuming that, given the number of times we hear of companies being hit by ransomware and paying up, those backups aren't as common as you'd like to think.

    I'm also assuming that, once they've been subject to that kind of extortion, a proper backup system must start looking like a golden investment.

    But maybe I'm assuming too much there.

    1. Paul Crawford Silver badge

      Re: "Assuming CCH has good backup in place"

      Backups - even if they hare made, are they frequent enough and tested for a full bare-metal recovery?

      It is a bit like UPS support: few are willing to send Igor to throw the big red switch and see how the whole building copes with a power outage (you know, to see if aircon holds up while servers are shut down in an orderly manner, etc, instead of overheating).

      1. big_D Silver badge

        Re: "Assuming CCH has good backup in place"

        Been there, done that, had the complete server room offline. At one client, a new manager decided to actually test the UPS, as opposed to assume the UPSes report that everything was working was correct.

        The batteries were at 100%, according to the UPS, they held a grand total of less than 1 second!

        1. Paul Crawford Silver badge

          Re: "Assuming CCH has good backup in place"

          A test is worth a 1000page SLA...

          1. Anonymous Coward
            Anonymous Coward

            Re: "Assuming CCH has good backup in place"

            I will use that as my motto.

        2. Captain Scarlet Silver badge
          Paris Hilton

          Re: "Assuming CCH has good backup in place"

          1 UPS for a server room, was it overloaded?

          1. big_D Silver badge

            Re: "Assuming CCH has good backup in place"

            Nope, the batteries had gone bad and the UPS still reported them as good.

            This was a large unit for a computer room with an AS/400 and 2 Novell Netware servers.

            The NetWare servers recovered without any issues, the AS/400 spit out its dummy (hard drive bearings ceased as they cooled) and refused to come back up.

            1. Captain Scarlet Silver badge

              Re: "Assuming CCH has good backup in place"

              Ah good, I have seen places where there is literally one UPS with everything plugged into it.

              I am glad most units have a way to self test.

              1. Paul Crawford Silver badge

                Re: I am glad most units have a way to self test

                Yes, and most of our Dell UPS that failed did so as a result of self-testing! Of course, that probably meant they would have failed if a real fault cam along...

                Still not a good show.

  5. Steve @ Ex Cathedra Solutions

    Krebs has a different view...

    Krebs claims that he reported the issue and had spotted open file areas (not customer data) on the server:

    https://krebsonsecurity.com/2019/05/whats-behind-the-wolters-kluwer-tax-outage/

  6. Doctor Syntax Silver badge

    "advising companies running CCH not to freak out just yet."

    Will they advise them when it is time to freak out?

    1. katrinab Silver badge

      When they discover that RAID5 isn't an effective backup strategy.

  7. Anonymous South African Coward Silver badge

    All your encrypted data are belong to us

  8. Anonymous South African Coward Silver badge

    All of these instances make me wonder what will happen when world+dog will wake up to a day where *.* has been encrypted...

    Savvy sysadmins will be doing bare-metal restores while the rest will cluck like anxious chickens, having lost all their data for the umpteenth time.

  9. keithpeter Silver badge
    Coat

    Communications

    Quote from the Krebs on Security post linked to in OA

    "Accounting Today says the limited ability to share updates angered CCH users, many of whom took to social media to air their grievances against a cloud partner they perceive to be ill-prepared for maintaining ongoing service and proper security online."

    Perhaps services companies that depend on the cloud should have a completely separate status reporting system? Just a small system that has nothing in common with the main service (perhaps even with a separate DNS entry).

    I recollect that Sony in the US had to resort to a drawer full of old Blackberrys after their hack five years ago...

    https://www.nytimes.com/2014/12/31/business/media/sony-attack-first-a-nuisance-swiftly-grew-into-a-firestorm-.html?partner=rss&emc=rss&_r=1

  10. Robert Carnegie Silver badge

    Excuse?

    I think "the cloud ate it" won't be acceptable to the tax man expecting your prompt attention, and probably to other important people in your professional life.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021