
Ransomware taking data hostage has given professionals the opportunity to prove their worth as ‘trusted advisors’

The recent WannaCry ransomware cyber-attack has plagued companies in 150 countries, holding data for ransom, and the accountancy profession was quick to react with the following roundup of advice to businesses.

The malware that locks your computer until you pay a fee, in web currency Bitcoin, is not only a business data threat, but is also life threatening, with the high profile victim being the UK’s NHS.

Digital extortion has been around since 2005 but the most recent attackers have developed cryptware, which encrypts your files using a private key that only they possess. The ransomware has a countdown clock stating all data would be deleted unless a payment was received.

PwC cybersecurity partner Marin Ivezic said that some clients had been working around the clock to restore systems and install software updates. He added that the attack has forced some more mature clients affected to abandon their usual cautious testing of patches to do unscheduled downtime and urgent patching, which is causing some inconvenience.

Deloitte Cyber Intelligence Centre associate director Paul Orffer told Engineering News Online that companies often saw paying a ransom as the easy way out. He advised: “The only way to recover from this is to do a complete reinstall and restoration of an affected company’s data, while simultaneously containing the malware.”

Orffer advised that even if a company receives the decryption key, it can also be a backdoor to a re-encryption, so companies need to be more vigilant. Ransomware attacks should be tackled through a triangle of people-process-technology, Orffer warned, looking at the problem in its entirety rather than focusing only on the technological aspect and blaming technology alone as the cause.

This latest ransomware initially charged companies $300 and Orffer said that this has now jumped up to $600. Orffer noted there were four Bitcoin wallets for this ransomware and across them there have been 262 recorded transactions, totalling $72,800.

EY global advisory cybersecurity leader Paul van Kessel said: “Cyber criminals are becoming more aggressive and sophisticated, simultaneously targeting all kinds of interconnected global organisations. A cyber criminal’s greatest ally is complacency, whatever the company size and if you don’t take cybersecurity seriously you are at significant risk.”

EY has urged worldwide organisations to take immediate action and recommended six steps:

  1. Disconnect infected machines from the network and take all backups offline to stop the spread.
  2. Activate an incident response plan with a cross-functional investigation team, across all relevant departments.
  3. Identify and address vulnerabilities, such as installing security updates, malware detection and anti-virus protection, so that attackers cannot re-enter and capabilities will be improved for future attacks.
  4. Ensure your systems are patched before powering up PCs and keep systems up to date with an enterprise-level patch and vulnerability management program.
  5. Activate business continuity plans by preparing data on requirements of their services.
  6. Collect and preserve evidence in a forensically sound manner for investigation.

EY global forensic technology and discovery services leader David Remnitz said: “Even after the data is restored, companies sometimes face allegations that sensitive personnel-related or other business information had been compromised. Third parties and other stakeholders may require the company to demonstrate forensically that data was accessed, but not stolen.”

KPMG Italy Advisory senior manager in information risk management Andrea Zapparoli Manzoni told Reuters: “The haphazard attack is distributed patchy. This particular ransomware contains a vulnerability, called Eternal Blue, which was developed in USA intelligence circles and was then stolen. That gives you an idea about why the level of risk is particularly high. The aim isn’t to hit any specific country but to strike as widely as possible to make money.”

The first targets are hospitals, according to Manzoni, as they are vulnerable and simply cannot afford to lose their data. BDO head of international cybersecurity Shahryar Shaghaghi agreed that every industry is threatened but especially healthcare organisations as their vulnerable security systems are easy to penetrate.

The severity of cyber threat is high and should be addressed at board level, and sufficient resources should be allocated to protect, detect, respond and recover, according to BDO. Companies do invest in security technology but that is being undermined by different attack methods meaning traditional methods are no longer enough.
