On 29 April 2021, the scare of ransomware came to broader light when Colonial Pipeline Co.’s operations were forced to shut down for the first time in six decades. Bloomberg stated that hackers leveraged an employee’s virtual private network (VPN) account to breach through the company’s security system and gain access to its computer network, raising further concerns about the future of digital security in organizations.

According to the Harvey Nash/KPMG CIO Survey, 2020, about 86% of the organizations have shifted a significant portion of their workforce into a remote working culture since the COVID-19 outbreak, and, in doing so, they may have inadvertently changed how hackers choose their target.

Courtesy of this worldwide repositioning, weak IT security of remote-based networks, and the high success rate of pandemic-themed lures, the new-generation hackers are highly motivated, more organized, and methodical in their approach, giving businesses all the more reason to reimagine their strategies in the battle against ransomware — a malicious software that restricts access to a computer system until the sender’s demands are met. However, with directed awareness and competent cybersecurity solutions, organizations could curb these threats globally. 

The present state of ransomware

In its report The changing shape of ransomware, KPMG found that about 51% of the companies surveyed had a ransomware incident in the last year. Since 2019, the amount of ransom has gone up by about 100%, the paper mentioned. While the number of incidents are alarming, what’s more dangerous is that in a post-pandemic world, ransomware attacks are more centred on organizations rather than individuals. Attackers are establishing their presence within organizations to gain access to key target systems and create the desired impact.

Businesses in Kuwait have been no strangers to well-coordinated cyberattacks since the imposition of a nationwide lockdown in early 2020. Although a lot of businesses went digital to keep afloat, only the larger organizations that had, or could build, a competent IT infrastructure made the cut. The small- to medium-sized companies, on the other hand, may still be vulnerable to the said threats. While this rapid digitalization may have opened new avenues to earn revenue, it has certainly left the businesses exposed to potential cyber threats, wondering what they could do better to avert them.

What can your organization do

The Sophos whitepaper published in May 2020 found that about 29% of the attacks directed to gain organizational access were via phishing emails, which could be tackled, if not eliminated completely, using awareness and proactive measures.

That is why educating your staff about ransomware and the other malicious software/links is important, and it can make all the difference in the event of an incident. Consider taking the following steps:

  • Ensure that your employees possess fundamental knowledge about the different types of malicious software/links and maintain a cybersecurity hygiene regularly.
  • Try not to upscale remote work too much too soon as it could call for unwanted setup errors, which, in turn, could let an unknown connection gain access to your computer system. Ensure that the technologies you are relying on to establish the remote connections are secure and setup errors are minimized.
  • Identify any shortcomings that your organization may have in terms of network security. Try donning the hat of a hacker and breaching through it as it will allow you to discern and fix any pre-existing security issues that you may have before it gets too late.
  • Create enough backup — it can save your organization a lot of time and money as retrieving lost data can be a painstaking and expensive process. According to the Harvey Nash/KPMG CIO Survey, 2020, companies pay an average of US$1 million to remediate a ransomware attack, which can easily be avoided using the abovementioned precaution.

Incident response exercises/drills can help simulate an experience similar to that of a cyberattack, allowing your employees to be wary of the steps that they may need to take in the event of a real incident to minimize its impact.

How can we help

A ransomware attack can cost your business revenue; it may even tarnish your brand, which could take years to rebuild. This is where reinforcing your IT infrastructure and deploying a reliable cybersecurity solution becomes crucial.

KPMG’s On-Demand Cyber Incident Response Services model is affordable and aims to help medium-sized businesses address various cybersecurity threats collectively by mitigating risks, proactively informing clients of potential threats, and in fortifying their cyber-response capabilities.

Our member firms are present worldwide, and we have teams of experts available 24/7 to support you in the event of an incident with local expertise.

Please feel free to contact us if you have any queries related to KPMG’s cybersecurity solutions.