He said: “We have noticed an increased threat from ransomware over the last few months. More and more companies are being targeted and the level of time and resource spent on dealing with it is increasing. It’s important that people realise that this threat is real and that it exists because of two factors. The first is that the expertise can be bought, you don’t need to be an expert to do this. The second is that the economics make it more than viable. Companies should revisit their risk assessments in light of this and make sure that they are still appropriate. Remember that dealing with this will require a mixture of training and awareness and a security aware culture in addition to technology measures.”
Konrads Smelkovs, a manager in KPMG’s cyber security practice, adds: “Ransomware really drives the point home that traditional anti-virus solutions aren’t infallible. The criminals use tools called “crypters” which obfuscate the malware until it is not recognised by the anti-virus products. You need different tools to protect; it also drives home the point about backups and data archiving. Some customers have had a very expensive disaster happen to them when they noticed that ransomware encrypted data that was meant to be kept for decades but was backed up on a monthly rotation cycle. After 30 days, backups contained only encrypted data.”
- ENDS -
Nahidur Rahman, KPMG Press Office
T: +44 (0)207 694 8812
M: +44 (0)7881 916 975
KPMG Press office: +44 (0)207 694 8773
Follow us on twitter: @kpmguk
KPMG LLP, a UK limited liability partnership, operates from 22 offices across the UK with approximately 12,000 partners and staff. The UK firm recorded a turnover of £1.9 billion in the year ended September 2014. KPMG is a global network of professional firms providing Audit, Tax, and Advisory services. It operates in 155 countries and has 162,000 professionals working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
This article represents the views of the author only, and does not necessarily represent the views or professional advice of KPMG in the UK.