Last Friday May 12, 2017, the unthinkable happened.
Is your Organization at risk?
Hundreds of thousands of computers in over 150 in countries experienced a ransomware attack where the WannaCry malware started taking over users' files, demanding USD 300 to restore access.
Among the organizations targeted worldwide have been Germany's rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia's interior ministry. Also among some of the hardest hit on Friday was the UK National Health Service, where patient medical records were made inaccessible, forcing hospitals to divert patients and even cancel surgeries.
The cyber-attack has been attributed to the fact that hackers were able to exploit a vulnerability in the Microsoft Windows operating system, for which Microsoft had issued a patch back in March 2017.
At KPMG’s Cybersecurity breakfast seminar held in April 2017, “Missing the Basics”, for example, not applying a simple security fix on an overlooked server, was identified as one of the vulnerabilities that can negatively impact business operations. This reiterates the importance for organizations to maintain vigilance with respect to increasing their level of awareness and re-assessing their Cybersecurity strategies.
What should be done immediately?
Organizations should ensure the following are performed in a timely manner:
How KPMG can help?
KPMG has dedicated Cybersecurity professionals and can help you identify your strengths, weaknesses and develop an action plan to thwart future attacks. We offer the following services to assist you:
Incident Response: KPMG has developed a cyber operations and incident response program to help clients respond to cyber attack including services such as post breach investigations.