One week on: how has the East Midlands responded to the WannaCry cyberattack?

A week on from the WannaCry ransomware hack, businesses across the East Midlands are slowly coming to terms with the fact that their systems and networks might not be as secure as they first thought.

The attack highlighted the speed at which a cyber attack can propagate itself globally. Whilst it is mainly well known brands that grab the news headlines, ransomware attacks are businesses every single day.

But how have East Midlands business leaders responded?

According to insurance and risk management advisers JLT Specialty, which has an office in Nottingham, there are a number of ways businesses can respond to this kind of incident and be better prepared for any future ransomware attack.

Sally Swann, partner and head of the Midlands region for JLT Specialty, says: “Our advice is to review and improve IT systems and processes, and ensure staff are constantly reminded and educated on the dangers of cyber attacks.

Sally Swann

If your company still hasn’t purchased cyber insurance, now really is the time to invest.”

Meanwhile, Owen Purcell, lead partner of EY’s Cyber EMEIA Advisory Centre, says: “The recent wave of cyber attacks is proof that cyber criminals are becoming more aggressive and sophisticated, simultaneously targeting all kinds of interconnected organisations across the globe.

“A cyber criminal’s greatest ally is complacency. Whether you are a Fortune 500 company or a family-owned business, if you don’t take cybersecurity seriously, you are at significant risk of being attacked. EY is closely monitoring the attacks and we urge everyone to take steps that can help keep critical systems and data safe.”

Amidst fears that last week’s large-scale cyber-attack may cause further disruption to businesses worldwide, operations director at Nottingham-based insurance brokers Russell Scanlan, Andy Jenkins, said: “There is no surprise that this attack has been labelled a ‘wakeup call’ by both Microsoft and the Government – the hackers behind this virus strain have preyed on new-found weaknesses to target businesses who have failed to keep their Windows systems up to date.

“As cyber criminals become more and more sophisticated we have seen an influx of businesses looking to step up their cyber security, but cases like this show that more needs to be done. Small and medium enterprises who do not see cyber protection as a priority are particularly vulnerable to attacks and reports already show that this sector has been more likely to pay ransoms to hackers.

“Consider backing up files to multiple locations and if portable drives are used, ensure that they are encrypted.

“If yours is one of the unlucky companies that has been hit by this most recent wave, our most vital piece of advice is: do not pay the ransom. Communicating with cyber criminals will do more harm than good; there is no guarantee that your data will be restored and the potential of repeat attacks is increased. Review your insurance policies and contact a cyber expert who can get your system up and running again.”

Cyber attacks have been perceived as among the highest risks for several years and, according to the Business Continuity Institute’s most recent Cyber Resilience report, two-thirds of organisations have experienced at least one cyber attack and 15% have suffered ten or more.

“Cyber crime as a rapidly growing phenomenon of modern business and one that is very hard to stay one step ahead of. The potential for any organisation or individual to fall victim to increasingly clever cyber criminals gets bigger every day,” said Andy Watterson, businesswatch manager and cyber crime lead at East Midlands Chamber.

“The threat of cyber attack grows every day, corresponding exactly with the dependence on computers in most businesses. But the threat is not just one of disruption, it’s also the damage that can be done to corporate reputation

David Hubbard

and the huge financial penalties companies will face from next year when the European Union General Data Protection Regulations come into force.”

Cybercrime cost UK businesses £29bn in 2016, with 2.9 million British businesses being affected in some way.

David Hubbard, deputy managing director of Derby-based ValueLicensing, which specialises in the identification and resale of pre-owned Microsoft Volume Licences, upgrading security doesn’t have to be as costly as the media has portrayed.

He said: “The recent WannaCry ransomware attack on businesses follows reports that online incidents now report for half of all reported crime.

“While cybercrime can be devastating for a business, it’s understandable given the media attention that some company owners delay their investment in securing their systems as they simply think it too expensive. This is the costly mistake the NHS – and so many organisations – have made.”