A brief overview of the ICAI advisory warning CA firms about the rising ransomware attacks targeting NAS devices and the urgent need to strengthen cybersecurity measures.
Saloni Kumari | Mar 14, 2026 |
ICAI’s Advisory on Rising Ransomware Incidents Targeting CA Firms Through NAS Devices
According to the information disclosed by the National Cyber Crime Reporting Portal (NCRP), the Indian Cyber Crime Coordination Centre (I4C) has recently noted a sudden increment in ransomware incidents/attacks that are targeting Chartered Accountancy firms and consulting organisations in India. As per the reports, these criminal groups are conducting targeted cyber-attacks against Network Attached Storage (NAS) devices used by these organisations. These attacks even lead to the complete encryption of business data, theft of sensitive information, and ransom demands from attackers.
Now, many of you must be wondering what a Network Attached Storage (NAS) device is. So, it is a file storage device directly linked to the network of the organisation. Also, this device provides a centralised location to access the data for multiple users and client devices. It works like a private cloud used to store key data such as financial records, client documents, and internal files. Since data in NAS devices is stored at a centralised location, it may lead to complete data loss of both primary and backups. Making it sometimes really difficult to access the data. This is the reason why ransomware groups are targeting NAS devices. If a NAS device is exposed to the internet, poorly configured, or running outdated software, attackers can easily exploit it regardless of the brand or model.
To find these NAS devices with exposed management interfaces, the attackers typically begin by scanning the internet. Thereafter, they gain access to them by exploiting security vulnerabilities, weak passwords, or systems that do not use multi-factor authentication. After that, they are easily able to steal sensitive information/data of clients before deploying ransomware that encrypts all files stored on the NAS device, including backups. After the encryption, they ask for a ransom demand and threaten to leak the data publicly if payment is not made.
Refer to the official advisory for complete information.
In case of any Doubt regarding Membership you can mail us at [email protected]
Join Studycafe's WhatsApp Group or Telegram Channel for Latest Updates on Government Job, Sarkari Naukri, Private Jobs, Income Tax, GST, Companies Act, Judgements and CA, CS, ICWA, and MUCH MORE!"
