EY recommends six immediate steps for organizations to protect themselves and reduce impact of ransomware attacks

en

Actions can help protect from further cyber attacks by WannaCry and other ransomware

<< Back
16/05/2017 |
  • ey

In light of recent cyber attacks focused on global organizations through ransomware, EY is urging organizations worldwide to take immediate action and engage effective response measures to mitigate the effect of these attacks and help protect themselves against future attacks.

Paul van Kessel, EY Global Advisory Cybersecurity Leader, says:

“The recent wave of cyber attacks is proof that cyber criminals are becoming more aggressive and sophisticated, simultaneously targeting all kinds of interconnected organizations across the globe. A cyber criminal’s greatest ally is complacency. Whether you are a Fortune 500 company or a family-owned business, if you don’t take cybersecurity seriously, you are at significant risk of being attacked. EY is closely monitoring the attacks and we urge everyone to take steps that can help keep critical systems and data safe.”

The risk of being attacked increases exponentially when preventative measures are not taken. Failure to take incident response equally seriously can mean the difference between hours and days versus weeks and months of system compromise and outage. There are six actions organizations can take now to help protect their systems, their most valuable assets and their customers, while mitigating against potential damage from emerging threats:

  1. Disconnect infected machines from the network and take all backups offline because they also could become encrypted if left connected to the network.
  2. Activate your incident response plan and don’t treat the investigation as merely an IT issue or exercise. Ensure there is cross-functional representation in the investigation team, including legal, compliance, information security, business, public relations, human resources and other departments.
  3. Identify and address vulnerabilities in your connected ecosystem; sufficiently install security updates, malware detection and anti-virus detection to complicate attackers’ efforts to get back in; enhance detection and response capabilities for future attacks; and prepare for eradication events.
  4. Ensure your systems are patched before powering up PCs. Keep systems up to date with a robust enterprise-level patch and vulnerability management program. This should include a formal, repeatable life cycle to manage vulnerabilities based on risks as they evolve, and a comprehensive asset model that focuses on the exposure of assets to these risks, including any connectivity to other assets.
  5. Activate business continuity plans. Prepare data based on varying requirements for regulatory reporting, insurance claim and dispute, litigation, threat intelligence and/or customer notification.
  6. Collect and preserve evidence in a forensically sound manner so that it is conducive to investigation, and reliable and usable in civil or regulatory matters.

David Remnitz, EY FIDS Global Forensic Technology and Discovery Services (FTDS) Leader, says:

“Malware outbreaks such as WannaCry require companies to respond in a comprehensive and defensible manner. Even after the data is restored, companies sometimes face allegations that sensitive personnel-related or other business information had been compromised in the ransomware attack. Third parties and other stakeholders may require the company to demonstrate forensically that, even if the data was accessed, it was not stolen.”

Back to top  | << Back

Communiqués liés

2017.07.11-remisePSEKKK
24/07/2017

Arendt & Medernach soutient "Fondatioun Kriibskrank Kanner" ...

Arendt & Medernach témoigne à nouveau de son soutien à "Fondatioun Kriibskran...

Arendt & Medernach
représentants Ile aux Clowns BNP Paribas au Luxembourg
21/07/2017

Les collaborateurs de BNP Paribas au Luxembourg soutiennent ...

Remise d’un chèque d’une valeur de 5.800 euros

BGL BNP Paribas
Campagne ING Findel2
19/07/2017

ING News : ING Luxembourg atterrit au Findel !

ING est désormais présente à l’aéroport de Luxembourg-Findel avec le lance...

ING Luxembourg
immoindex-cover HD2
19/07/2017

BIL IMMOindex : le marché immobilier plus dynamique que jam...

D’après la dernière mise à jour du BIL IMMOindex publiée par la Banque Int...

BIL
cristianobortolotti
18/07/2017 Personnalités

Dentons renforce l’équipe fiscale du Benelux et de l’Eu...

Dentons, le plus grand cabinet d’avocats du monde, a renforcé sa pratique fis...

Dentons
35834996281 c35cb7ca0b o
18/07/2017

True Brew Trade Sàrl 3rd anniversary

It’s been 3 years this July, since True Brew Trade Sàrl (TBT) opened its door...

True Brew Trade Sàrl

Il n'y a aucun résultat pour votre recherche

We use cookies to ensure the best experience on our website. By accepting you agree the use of cookies. OK Learn more