Dutch company Wolters Kluwer makes the software on which many of the world’s small and mid-sized accounting firms run.
Last week, a cyberattack took down that software and presented a case study in how not to communicate with customers over a hack.
The company told its followers on Facebook and Twitter on May 6 that, out of caution, it had taken some of its cloud-based software applications offline. But the opaque 48-word statement didn’t explain why, and left customers frustrated and worried.
"Going dark as much as you have has done nothing to stop us from fearing the worst," one person replied on Twitter. "Has there been a security breach?" asked another.
Martin Wuite, chief information officer at Wolters Kluwer, was trying to find out, too. He’d become aware of anomalies in his company’s servers around 2pm Central European Time on Monday after an automated monitoring system had flagged something was wrong.
"Customers were alerted immediately as soon as we discovered the issue," he said. "When we detected the malware, we proactively took a broad range of platforms offline to protect our customers’ data."
Wolters Kluwer, based in small town in the Netherlands and with a market value of around $19 billion, is a little known accounting software giant, providing services to health, tax and compliance industries. According to the company, 93 per cent of Fortune 500 companies are its customers.
While Mr Wuite worked on Monday in Holland to uncover the extent of the problem, Amber Deiterich, a senior tax accountant at Collings CPA Firm in Tuscon, Arizona, arrived for work prepared for a busy week. Collings’ non-profit clients face a May 15 deadline to file their tax returns with the US Internal Revenue Service. Failing to do so may result in financial penalties.
Turning on her office computer, Ms Deiterich noticed the software she uses for everything from entering client data to electronically filing tax returns, wasn’t working. She’d become accustomed to periodic outages of Wolters Kluwer software - which includes CCH SureTax and CCH Axcess - since her firm signed on as a customer in the fall of 2018.
But this time, something was different. A message told her the software was down for “scheduled maintenance” and wasn’t expected to be up and running again until the next day. She tried to check the website of Wolters Kluwer, but that was offline too. When she called a customer support number in the US a message said the company was experiencing technical difficulties. Then the line went dead.
Ms Deiterich turned to social media, where CCH customers across the world were complaining of the same issue. Almost 24 hours after the outage first began, she saw the short message Wolters Kluwer had posted to its US Facebook page - not a channel the company had used for such important communication before - about its "network and service interruptions".
"You could do a basic Google search and find out more than they were reporting,” she said.
Two years ago this month, the UK’s National Health Service was one of innumerable institutions crippled by a cyber attack and a piece of malware called WannaCry. The Dutch malware attack has seen Wolters Kluwer join a growing list of high-profile companies and institutions that failed to protect their core assets from devastating cyber-attacks.
Kris McKonkey, who heads the cyber threat detection and response team for accounting and consulting firm PwC in the UK, said that attacking the "software supply chain" - especially enterprise software that is used across a particular industry or sector - is an increasingly popular tactic for sophisticated hackers, including groups associated with nation-states.
In 2017, malware known as NotPetya targeted accounting software called ME Doc which was used throughout the Ukraine. From there, the attack spread around the globe, ultimately crippling operations at AP Moller-Maersk and a number of other companies. Total damages from NotPetya are thought to run to a reported $10bn. Security experts believe NotPetya was launched by Russia as part of an on-going cyber campaign against Ukraine.
On Tuesday, about 24 hours after Wolters Kluwer confirmed malicious software in its network was the cause of the disruption. More products were pulled offline to try and limit damage.
"We have a deadline on 5/15 and need to be filing extensions/returns," one person wrote in response on Twitter. "Wolters Kluwer, you are going to be responsible for any penalties and interest," another vented.
During the outage, Ms Deiterich said she and the other tax accountant who works for Collings, plus an executive assistant, sat idle. Unable to access their time keeping records on CCH, Collings missed its payroll deadline, meaning Ms Deiterich and the other tax professionals will get paid late.
Collings had considered resorting to old-fashioned paper forms to meet tax filing deadlines for clients, she said, but even doing that was problematic because all of the client data they needed to fill in those forms was inaccessible, stored on the CCH servers.
Many of Wolters Kluwer's clients are small to mid-sized accountancy firms who rely on a whole suite of products. Both Collings CPA and the Tidwell Group, a firm of 200 accountants and consultants headquartered in Birmingham, Alabama, use CCH’s software not just to file client tax returns, but to keep track of their own billing and accounts receivable.
"We are one of the firms that has gone all-in with them," Wayne Jordan, the chief information officer at Tidwell Group said of CCH’s suite of products. “Without it, we were fairly helpless.”
On May 8, Wolters Kluwer published a statement to say it had created a temporary telephone support line, but with a caveat: "While we may not be able to directly answer your question, we will forward your inquiry internally to the appropriate party."
It wasn’t until the afternoon of Thursday, May 9, that Mr Jordan discovered service had been restored and he could electronically file tax returns with the IRS. He only found out by repeatedly trying to use the service, not through any official channel, he said. “Communication was the biggest problem we experienced throughout the whole event.”
Even Wolters Kluwer’s staff were kept in the dark. When asked on Thursday about reports about a malware attack on the company, one customer service representative based in Canada said: "We don’t have any information so far, we don’t know yet what happened."
Mr Wuite told Bloomberg that the company had seen "no evidence that customer data or systems were compromised or that there was a breach of confidentiality of that data" and that law enforcement had been alerted to the breach. There was no indication of data loss or other effects, nor any potential risk to client data, he said. The company told Bloomberg on May 11 that it had agreed with the IRS to grant tax filing extensions to some customers affected by the outages.
Many products are now back online, while some of which were functional since May 7. Mr Wuite said it’s working with third-party forensic firms to discover the "root cause" of the attack, but was unable to confirm which piece of malware - and which individual or other entity - was responsible for deploying it.
Mr McKonkey said that hackers will often try to compromise the servers that send out updates and patches to all users of that software, passing off their malware as a legitimate update. In some cases, the hackers’ target may be one specific firm that they know use that software and the other firms in the industry are simply considered "collateral damage". This is called "a waterhole attack", Mr McKonkey said, because it is like hunters staking out a water source in the Savannah to find big game.
"If you get the right software, you are guaranteed to get a whole swath of victims in that specific area," he said.
Guns N’ Roses’s last gig before Abu Dhabi was in Hong Kong on November 21. We were there – and here’s what they played, and in what order. You were warned.
- It’s So Easy
- Mr Brownstone
- Chinese Democracy
- Welcome to the Jungle
- Double Talkin’ Jive
- Better
- Estranged
- Live and Let Die (Wings cover)
- Slither (Velvet Revolver cover)
- Rocket Queen
- You Could Be Mine
- Shadow of Your Love
- Attitude (Misfits cover)
- Civil War
- Coma
- Love Theme from The Godfather (movie cover)
- Sweet Child O’ Mine
- Wichita Lineman (Jimmy Webb cover)
- Wish You Were Here (instrumental Pink Floyd cover)
- November Rain
- Black Hole Sun (Soundgarden cover)
- Knockin’ on Heaven’s Door (Bob Dylan cover)
- Nightrain
Encore:
- Patience
- Don’t Cry
- The Seeker (The Who cover)
- Paradise City
Result
UAE (S. Tagliabue 90 1') 1-2 Uzbekistan (Shokhruz Norkhonov 48', 86')
if you go
The flights
Air Astana flies direct from Dubai to Almaty from Dh2,440 per person return, and to Astana (via Almaty) from Dh2,930 return, both including taxes.
The hotels
Rooms at the Ritz-Carlton Almaty cost from Dh1,944 per night including taxes; and in Astana the new Ritz-Carlton Astana (www.marriott) costs from Dh1,325; alternatively, the new St Regis Astana costs from Dh1,458 per night including taxes.
When to visit
March-May and September-November
Visas
Citizens of many countries, including the UAE do not need a visa to enter Kazakhstan for up to 30 days. Contact the nearest Kazakhstan embassy or consulate.
COMPANY%20PROFILE
%3Cp%3E%3Cstrong%3ECompany%20name%3A%3C%2Fstrong%3E%20Switch%20Foods%3Cbr%3E%3Cstrong%3EStarted%3A%3C%2Fstrong%3E%202022%3Cbr%3E%3Cstrong%3EFounder%3A%3C%2Fstrong%3E%20Edward%20Hamod%3Cbr%3E%3Cstrong%3EBased%3A%3C%2Fstrong%3E%20Abu%20Dhabi%2C%20UAE%3Cbr%3E%3Cstrong%3EIndustry%3A%3C%2Fstrong%3E%20Plant-based%20meat%20production%3Cbr%3E%3Cstrong%3ENumber%20of%20employees%3A%3C%2Fstrong%3E%2034%3Cbr%3E%3Cstrong%3EFunding%3A%3C%2Fstrong%3E%20%246.5%20million%3Cbr%3E%3Cstrong%3EFunding%20round%3A%3C%2Fstrong%3E%20Seed%3Cbr%3E%3Cstrong%3EInvestors%3A%3C%2Fstrong%3E%20Based%20in%20US%20and%20across%20Middle%20East%3C%2Fp%3E%0A
Global state-owned investor ranking by size
|
1.
|
United States
|
|
2.
|
China
|
|
3.
|
UAE
|
|
4.
|
Japan
|
|
5
|
Norway
|
|
6.
|
Canada
|
|
7.
|
Singapore
|
|
8.
|
Australia
|
|
9.
|
Saudi Arabia
|
|
10.
|
South Korea
|
MATCH INFO
France 3
Umtiti (8'), Griezmann (29' pen), Dembele (63')
Italy 1
Bonucci (36')
Florida: The critical Sunshine State
Though mostly conservative, Florida is usually always “close” in presidential elections. In most elections, the candidate that wins the Sunshine State almost always wins the election, as evidenced in 2016 when Trump took Florida, a state which has not had a democratic governor since 1991.
Joe Biden’s campaign has spent $100 million there to turn things around, understandable given the state’s crucial 29 electoral votes.
In 2016, Mr Trump’s democratic rival Hillary Clinton paid frequent visits to Florida though analysts concluded that she failed to appeal towards middle-class voters, whom Barack Obama won over in the previous election.
RESULT
Brazil 2 Croatia 0
Brazil: Neymar (69'), Firmino (90' 3)
Red flags
- Promises of high, fixed or 'guaranteed' returns.
- Unregulated structured products or complex investments often used to bypass traditional safeguards.
- Lack of clear information, vague language, no access to audited financials.
- Overseas companies targeting investors in other jurisdictions - this can make legal recovery difficult.
- Hard-selling tactics - creating urgency, offering 'exclusive' deals.
Courtesy: Carol Glynn, founder of Conscious Finance Coaching
Ferrari 12Cilindri specs
Engine: naturally aspirated 6.5-liter V12
Power: 819hp
Torque: 678Nm at 7,250rpm
Price: From Dh1,700,000
Available: Now
Profile Idealz
Company: Idealz
Founded: January 2018
Based: Dubai
Sector: E-commerce
Size: (employees): 22
Investors: Co-founders and Venture Partners (9 per cent)
How to wear a kandura
Dos
- Wear the right fabric for the right season and occasion
- Always ask for the dress code if you don’t know
- Wear a white kandura, white ghutra / shemagh (headwear) and black shoes for work
- Wear 100 per cent cotton under the kandura as most fabrics are polyester
Don’ts
- Wear hamdania for work, always wear a ghutra and agal
- Buy a kandura only based on how it feels; ask questions about the fabric and understand what you are buying
RESULTS
Lightweight (female)
Sara El Bakkali bt Anisha Kadka
Bantamweight
Mohammed Adil Al Debi bt Moaz Abdelgawad
Welterweight
Amir Boureslan bt Mahmoud Zanouny
Featherweight
Mohammed Al Katheeri bt Abrorbek Madaminbekov
Super featherweight
Ibrahem Bilal bt Emad Arafa
Middleweight
Ahmed Abdolaziz bt Imad Essassi
Bantamweight (female)
Ilham Bourakkadi bt Milena Martinou
Welterweight
Mohamed Mardi bt Noureddine El Agouti
Middleweight
Nabil Ouach bt Ymad Atrous
Welterweight
Nouredine Samir bt Marlon Ribeiro
Super welterweight
Brad Stanton bt Mohamed El Boukhari
Company profile
Name: GiftBag.ae
Based: Dubai
Founded: 2011
Number of employees: 4
Sector: E-commerce
Funding: Self-funded to date
FA CUP FINAL
Manchester City 6
(D Silva 26', Sterling 38', 81', 87', De Bruyne 61', Jesus 68')
Watford 0
Man of the match: Bernardo Silva (Manchester City)
The rules on fostering in the UAE
A foster couple or family must:
- be Muslim, Emirati and be residing in the UAE
- not be younger than 25 years old
- not have been convicted of offences or crimes involving moral turpitude
- be free of infectious diseases or psychological and mental disorders
- have the ability to support its members and the foster child financially
- undertake to treat and raise the child in a proper manner and take care of his or her health and well-being
- A single, divorced or widowed Muslim Emirati female, residing in the UAE may apply to foster a child if she is at least 30 years old and able to support the child financially
THE BIO: Martin Van Almsick
Hometown: Cologne, Germany
Family: Wife Hanan Ahmed and their three children, Marrah (23), Tibijan (19), Amon (13)
Favourite dessert: Umm Ali with dark camel milk chocolate flakes
Favourite hobby: Football
Breakfast routine: a tall glass of camel milk
POWERWASH%20SIMULATOR
%3Cp%3E%3Cstrong%3EDeveloper%3A%3C%2Fstrong%3E%20FuturLab%3Cbr%3E%3Cstrong%3EPublisher%3A%20%3C%2Fstrong%3ESquare%20Enix%20Collective%3Cbr%3E%3Cstrong%3EConsole%3A%20%3C%2Fstrong%3ENintendo%20Switch%2C%3Cstrong%3E%20%3C%2Fstrong%3EPlayStation%204%20%26amp%3B%205%2C%20Xbox%20Series%20X%2FS%20and%20PC%3Cbr%3E%3Cstrong%3ERating%3A%3C%2Fstrong%3E%204%2F5%3C%2Fp%3E%0A
Is it worth it? We put cheesecake frap to the test.
The verdict from the nutritionists is damning. But does a cheesecake frappuccino taste good enough to merit the indulgence?
My advice is to only go there if you have unusually sweet tooth. I like my puddings, but this was a bit much even for me. The first hit is a winner, but it's downhill, slowly, from there. Each sip is a little less satisfying than the last, and maybe it was just all that sugar, but it isn't long before the rush is replaced by a creeping remorse. And half of the thing is still left.
The caramel version is far superior to the blueberry, too. If someone put a full caramel cheesecake through a liquidiser and scooped out the contents, it would probably taste something like this. Blueberry, on the other hand, has more of an artificial taste. It's like someone has tried to invent this drink in a lab, and while early results were promising, they're still in the testing phase. It isn't terrible, but something isn't quite right either.
So if you want an experience, go for a small, and opt for the caramel. But if you want a cheesecake, it's probably more satisfying, and not quite as unhealthy, to just order the real thing.
BlacKkKlansman
Director: Spike Lee
Starring: John David Washington; Adam Driver
Five stars
Christopher Robin
Starring: Ewan McGregor, Haley Atwell, Jim Cummings, Peter Capaldi
Three stars
25-MAN SQUAD
Goalkeepers: Francis Uzoho, Ikechukwu Ezenwa, Daniel Akpeyi
Defenders: Olaoluwa Aina, Abdullahi Shehu, Chidozie Awaziem, William Ekong, Leon Balogun, Kenneth Omeruo, Jamilu Collins, Semi Ajayi
Midfielders: John Obi Mikel, Wilfred Ndidi, Oghenekaro Etebo, John Ogu
Forwards: Ahmed Musa, Victor Osimhen, Moses Simon, Henry Onyekuru, Odion Ighalo, Alexander Iwobi, Samuel Kalu, Paul Onuachu, Kelechi Iheanacho, Samuel Chukwueze
On Standby: Theophilus Afelokhai, Bryan Idowu, Ikouwem Utin, Mikel Agu, Junior Ajayi, Valentine Ozornwafor
Lowest Test scores
26 - New Zealand v England at Auckland, March 1955
30 - South Africa v England at Port Elizabeth, Feb 1896
30 - South Africa v England at Birmingham, June 1924
35 - South Africa v England at Cape Town, April 1899
36 - South Africa v Australia at Melbourne, Feb. 1932
36 - Australia v England at Birmingham, May 1902
36 - India v Australia at Adelaide, Dec. 2020
38 - Ireland v England at Lord's, July 2019
42 - New Zealand v Australia in Wellington, March 1946
42 - Australia v England in Sydney, Feb. 1888
PROFILE
Name: Enhance Fitness
Year started: 2018
Based: UAE
Employees: 200
Amount raised: $3m
Investors: Global Ventures and angel investors
Read more about the coronavirus
Key products and UAE prices
iPhone XS
With a 5.8-inch screen, it will be an advance version of the iPhone X. It will be dual sim and comes with better battery life, a faster processor and better camera. A new gold colour will be available.
Price: Dh4,229
iPhone XS Max
It is expected to be a grander version of the iPhone X with a 6.5-inch screen; an inch bigger than the screen of the iPhone 8 Plus.
Price: Dh4,649
iPhone XR
A low-cost version of the iPhone X with a 6.1-inch screen, it is expected to attract mass attention. According to industry experts, it is likely to have aluminium edges instead of stainless steel.
Price: Dh3,179
Apple Watch Series 4
More comprehensive health device with edge-to-edge displays that are more than 30 per cent bigger than displays on current models.
LOS ANGELES GALAXY 2 MANCHESTER UNITED 5
Galaxy: Dos Santos (79', 88')
United: Rashford (2', 20'), Fellaini (26'), Mkhitaryan (67'), Martial (72')
