by Ty Coffee, Senior Manager, UHY Consulting

There were 623 million ransomware attacks globally in 2021, an increase of 105% from the previous year, according to a report released in February 2022 by SonicWall, a San Jose, California-based cybersecurity firm. Separately, staffing firms can take steps to reduce the chance of becoming victims of such attacks.

The war in Ukraine has also increased alarm over cybersecurity. In a sign of concern, President Joe Biden signed into law legislation in March 2022 that requires companies that provide critical infrastructure to report cyberattacks within 72 hours and to report ransom payments within 24 hours. There have also been other warnings about cyberattacks as well.

Some staffing firms have also been hit with cyberattacks. “Ransomware is the No. 1 cybersecurity concern for staffing companies followed by compromised business emails”, said Ty Coffee, senior manager at UHY, an independent CPA firm that works with staffing companies.

Staffing firms might be particularly vulnerable given the large number of people and clients they deal with, and they tend to be more open to new relationships.

“In general, staffing companies are more susceptible to it because they are more open to communications and more open to random communications than some other entities would be,” Coffee said.

Firms should work with employees to make sure they take a harder look at emails and handle them correctly, not just do something such as immediately downloading a PDF from an unknown sender. “You’ve got to train your people what the risks are — what to look for in those communications,” Coffee said.

In addition, companies should add email filters — tools to scan attachments — and put in place other technology measures to help prevent malware. Another tactic: Make sure people have a way to report if they’ve clicked on something they think may be malware or if something doesn’t seem right.