Global Ransomware Attack | KPMG | BB

Global Ransomware attack - Is your Organization at risk?


Last Friday, 12 May 2017, the unthinkable happened.



Hundreds of thousands of computers in over 150 countries experienced a ransomware attack in which the WannaCry malware began taking over users' files and demanding USD $300 to restore access.

Among the organizations targeted worldwide have been Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia's interior ministry. Also among some of the hardest hit on Friday was the UK National Health Service, where patient medical records were made inaccessible, forcing hospitals to divert patients and even cancel surgeries.

The cyber-attack has been attributed to hackers exploiting a vulnerability in the Microsoft Windows operating system, for which Microsoft had issued a patch in March 2017.

What should be done immediately?

Organizations should ensure the following are performed in a timely manner:

  • Patch Windows systems in your environment (with proper testing for production servers). The patch was released in March 2017 as part of MS17-010 / CVE-2017-0147.
  • Verify that all Windows systems have an anti-virus program that is up to date and performing regular scans.
  • Enable strong spam filters to prevent phishing emails from reaching end users.
  • Inform staff to be on the lookout for emails with suspicious attachments and/or links. Staff should notify IT Management if a suspicious email is received.
  • Maintain up-to-date backups of critical data.

How can KPMG help?

KPMG has dedicated Cybersecurity professionals and can help you identify your strengths and weaknesses and develop an action plan to thwart future attacks. We offer the following services to assist you:

Incident Response: KPMG has developed a cyber operations and incident response program to help clients respond to cyber attacks, including services such as post-breach investigations.

Cyber Maturity Assessment: KPMG professionals will assess and benchmark your organisation on six key areas of Cyber Security and will consider the security, availability and confidentiality of sensitive data.  

External Penetration Testing: KPMG professionals will test your network perimeter and identify weaknesses before hackers do. We will examine your email systems, firewall, Web servers and other externally exposed systems.

Employee Awareness Training Sessions: KPMG professionals will provide your employees with knowledge on how to protect your assets and how to identify and thwart common attacks they may be subject to.

Business Continuity Management: KPMG professionals can assist you in developing and implementing sustainable business continuity programs that will evolve and adapt to address the ever-changing risk landscape with which we are faced.

© 2018 KPMG, a Barbados and Eastern Caribbean partnership, registered in Barbados, Antigua and Barbuda, Saint Lucia and St. Vincent and the Grenadines, and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved. KPMG and the KPMG logo are registered trademarks of KPMG International Cooperative (“KPMG International”), a Swiss entity.
