Enterprises worldwide must mobilize immediately, implementing effective response measures to lower the impact of cyber-attacks and to strengthen their shields against future attacks, Ernst & Young said on Thursday, in the context of recent cyber-attacks targeting international businesses and organizations via ransomware (malware that encrypts files asking for ransom to decrypt them.
Panayiotis Papayannakopoulos, Director of the Advisory Services Division of EY Greece and head of the Cybersecurity & Data Privacy Advisory Services, noted: “The recent wave of cyber-attacks has shown that cybercriminals are evolving and becoming more aggressive. The biggest ally of cybercriminals is complacency. Whether you are in a multinational company or a family business, if you do not take cyber-security seriously, you are at great risk of attack. Companies, both abroad and in our country, should be in constant vigilance to be able to resist these attacks and protect their information systems. In EY, we are closely following the attacks and urging all businesses to take measures that can help secure critical information systems and data protection. ”
According to EY, the risk of attack increases exponentially when preventive measures are not taken.
Also, non-serious handling of an attack incident may mean lengthening the downtime of information systems from hours or days to weeks or months.
As the EY notes in a statement, there are six actions that organizations can now deploy to protect their information systems, their most valuable asset and their customers, while mitigating possible
damage from emerging threats.
1. Disconnect virus-infected machines from the network as well as all backups, as they could also be encrypted if they remain connected to the network.
2. Enable the incident response plan and do not approach this investigation as another IT department issue or a simple exercise. Verify that all departments are represented in the research team, including the legal department, compliance departments, information security, public relations, human resources and other departments.
3. Identify and address the vulnerabilities of your associated ecosystem. Install the latest patches, malware detection, and anti-virus detection to complicate the malicious attempts to invade your IT systems again. Enhance detection and response capabilities in future attacks and get better prepared to eliminate similar incidents in the future.
4. Make sure that your systems have all the latest security program updates installed before you turn on computers. Keep systems up-to-date with a powerful vulnerability recognition and vulnerability and security program update program. This should include a formal, recurring life cycle to manage weaknesses based on evolving threats and a comprehensive IT asset management model focusing on the exposure of goods to these risks, including any connectivity with other goods.
5. Enable Business Continuity Plans. Prepare data for issuing all necessary regulatory reports, insurance indemnities and court disputes (if any) and customer alert information.
6. Collect and maintain the evidence in a proper procedural manner so that it can contribute to research and be reliable and useful in civil or regulatory affairs.
Giannis Drakoulis, head of the Department of Investigation of Financial Fraud and Corporate Disputes in Greece, said: “Such malicious software attacks such as WannaCry require businesses to respond in a comprehensive, fast and reliable way. Even after recovering the data, companies often face accusations that sensitive personal or other business information was threatened during the attack. The company may be called upon to prove in a documented manner that even if such data were available, they were not stolen. “