Diary Entry – 27 March 2025

With a downloadable cyber security guide

What happens when ‘What if?’ becomes ‘What now?’

I don’t even know where to begin… this morning feels like a lifetime ago.  It started as a normal day, with me rushing into the office, coffee in hand, thinking about our upcoming tax season workload.  We’re a small accounting firm—fifteen of us in total—handling dozens of clients who trust us with their sensitive financial data.

Lately, I’d been feeling uneasy.  I’d noticed small things—odd logins at weird hours, sluggish network performance, a couple of staff complaining that they had to reset their passwords more frequently than usual.  I chalked it up to routine glitches, maybe a misconfigured update.  We’re small; we don’t have a dedicated cyber security team, just me wearing too many hats.  I made a mental note to look into it more deeply over the weekend.  That was my mistake.

This morning, it all unravelled.  I was in the middle of answering an email when Becky, our senior accountant, shouted across the office that she couldn’t access our main accounting system.  Within seconds, Tom, our payroll specialist, said he was locked out too.  Then, one by one, people started panicking.  Every screen in the office turned black, then flashed with a message in red: “Your files have been encrypted.  Pay 15 Bitcoin to recover.”

Ransomware!.. My stomach dropped, my hands shook as I tried logging into our backup servers—also locked.  Email? Inaccessible.  Cloud storage? Corrupted.  Every file, every tax return, payroll report, and client record… all gone in an instant.  The room filled with a suffocating silence.  I could see the fear on my colleagues’ faces.

Panic turned to anger, how did this happen?  How did we let this happen?  Clients were already calling—had they been compromised?  Were their banking details at risk?

I called an emergency meeting in the breakroom. People were tense, some pacing, some staring at the floor, some just… frozen. I took a deep breath and told them the truth: We were under attack, but we were going to fight back.

Then, I called in the experts.  A cyber security company was on the scene within the hour. They worked fast, assessing the damage, isolating infected machines, and launching forensic scans.  They found the entry point—an employee had unknowingly clicked a malicious email link a week ago.  The attackers had been inside our network for days, watching, waiting for the perfect moment to strike, I felt sick.

The experts did their job.  Within hours, they had stopped the spread, cut off external access, and started the painful process of recovery.  We were lucky—some critical files could be restored from an offline backup, but we’d still lost days of work.  We wouldn’t be paying the ransom, but we’d pay in other ways—lost trust, lost productivity, and the looming threat of compliance penalties.

Now, as I sit here in my office, staring at my screen, I feel drained.  The adrenaline is fading, replaced by exhaustion, regret, and guilt.  I should have done more, I should have taken the warning signs seriously.

Tomorrow, we rebuild. We’ll train our team on cyber security awareness. We’ll invest in better equipment and defences. We’ll ensure this never happens again.

But tonight? Tonight, I just feel defeated.