EY Ireland reaction to WannaCry cyber-attack

“WannaCry will go down in history as a wake-up call for organisations of all sizes to pay attention to the basics – keep your systems up-to-date with software patches, make regular backups of your data and educate your users not to click on suspicious links.”

The WannaCry ransomware hammers home some simple truths, none of which are particularly new but all of which merit renewed priority.”

“Businesses need to focus attention on identifying and managing the cyber risks arising from their heavy reliance on technology – specifically understanding the top cyber threats and breach scenarios that disrupt operations.”

“Cyber criminals are constantly evolving their methods to create ever-more effective ways of monetising the flaws in computers software, and more often this is interfering with data integrity rather than compromising its confidentiality. For businesses, undertaking the basic elements of their cyber security programme goes a long way towards keeping them safe – patch often, back up regularly and educate employees about phishing.

True cyber resilience is a product of knowing yourself and your ‘crown jewels’, knowing your enemy and how they operate, and establishing an appropriately resourced and funded programme in line with your expressed risk appetite. Cyber criminals are indiscriminate about their victims so we should all feel like we are a target all of the time.”

The cost of the operational disruption WannaCry has already caused since last Friday will be orders of magnitude more than its authors will ever receive in ransom payments. Unfortunately, the process of identifying the culprits and bringing them to justice will – even if successful – be similarly costly. This will be of little consolation to the many businesses and other organisations – especially those small to medium sized enterprises – who suffer costs and data loss arising from this cyber-criminal activity.”

By Hugh Callaghan of EY.

Article Published: 16/05/2017