FBI Warns of Increased Threat from Iranian Cyber Actors
Earlier this morning, after seeing an increase in malicious activity, the FBI, in partnership with the DHS, CISA, NSA, and DCS, released a Fact Sheet urging US Entities and Organizations to take added precautions and to re-review security protocols, reducing and limiting vulnerabilities in their environment. This report includes EIGHT mitigations strategies that network owners should consider to improve the overall security of their network.
These including limiting specialized system access to the Internet, increasing password policies and MFA, implementing new MFA standards, applying patches, increase monitoring and access logs, urgent response to intrusions, monitoring for leaked credentials, and updating a business continuity plan.
The FBI Report can be located here. Financial Guardians is releasing a walkthrough of these eight steps this evening.
IRS Announced Updated Security for PTIN Holders
Over the weekend, the IRS sent an e-mail to PTIN holders stating that ID.me would now be required to access the PTIN System. The current (legacy) method requires a username and password with a limited-use MFA code. This shift was announced a while ago and now brings the PTIN System into compliance with the IRS’ goal to centralize credential management. The ID.me credential has been required for many other IRS systems already so this should be an easy migration for most.
If you are a tax professional who does not have an ID.me account, you will be required to create one. Please note that this can take additional time and, if you fail authorization, may require you to speak with a representative. Please allow extra time.
Please note the following:
This change should require an update to your WISP (Written Information Security Plan).
When working with ID.me, you should setup an authenticator app instead of text or e-mail. ID.me also notifies you of this upon login.
Information about the PTIN program can be located here. Information about ID.me can be located here.
TIGTA Released Two Updated Reports
TIGTA, the Treasury Inspector General for Tax Administration, released two new reports recently. One is very technology-focused while the other is, let’s just say a bit concerning.
Report 2025-IE-R020
TIGTA conducted an inventory of the firearms issued to the IRS and related parties. This inventory review included 6,261 firearms, including 3,647 that are currently in storage.
All firearms were accounted for, but the inventory system used was not properly managed. This included 33 incorrectly assigned, 84 unassigned, 68 not inventoried, 12 with wrong assignments, and 4 needing destroyed.
In total, about 3% of the inventory was incorrect. That accounts for over 200 firearms that were not properly managed.
Report 2025-S20-007
During this review, it was determined that the IRS’ cybersecurity program was not fully effective.
Authentication and identity management was determined sufficient - this is an area that was not sufficient last year.
Authorization or access granted to systems or data was not always necessary or justified.
This has been corrected since the initial report was filed.
Taking nearly 6 months to identify and correct network vulnerabilities was determined to be insufficient, including nearly 60,000 known vulnerabilities still unpatched.
System logging has dramatically increased since last year but is still insufficient.
A large portion of the redacted report included concerns over insider threats. Not too much can be detailed from this given the level the report has been redacted.
About ten additional system management issues were identified, including lack of duty segregation and more.
If you do not fully understand an issues or if you need assistance working through a resolution, the team here at Financial Guardians is available for Individual Support Calls to assist with any individual or specific matters.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
