WPP moves to contain Ransomware attack; a new reality, say ad honchos

On June 27, 2017, a number of WPP companies – though not all – were affected by the Ransomware attack that hit organisations around the world. According to the WPP website, the attack also disabled operations at other major companies, including Russian oil and shipping firm Rosneft PJSC, shipping major Maersk, and pharma giant Merck across Europe. 

Further posting an update on the site, WPP stated, “We are working with our IT partners and law enforcement agencies to take all appropriate precautionary measures, restore services where they have been disrupted, and keep the impact on clients, partners and our people to a minimum. Having taken steps to contain the attack, the priority now is to return to normal operations as soon as possible while protecting our systems. We will provide further updates as the situation develops.” 

The official statement also notified that the company’s operations have not been uniformly affected, and issues are being addressed on a company-by-company basis. Many of its businesses are experiencing no or minimal disruption, the statement added. 

Meanwhile, commenting on the recent cyber attacks on the global ad industry, Ashish Bhasin, Chairman & CEO South Asia, Dentsu Aegis Network, said, “I think cyber attacks are a new reality with which the world has yet to come to grips with. It is a bit of a cat and mouse game, where the hackers are always trying to be one step ahead while the users are trying to find the best protection that they can get. Amongst other things, the only real precaution you can take is that legal software is used, proper anti-virus software systems are in place particularly in servers holding large amount of data and most importantly, which is not that commonly done in India, the users should be adequately sensitised on the kind of mails that could be potentially harmful. Equipment which is not authorised should not be allowed to be plugged to company systems, regular updates on the protection software should be carried out, strictly only legal software should be used and the moment there is anything suspicious, the same should be reported to IT. I think as a country, India is often unprepared but of late, the awareness levels are rapidly rising because the cost involved in the potential disruption to business is just too high.” 

Rana Gupta, Vice President – APAC Sales, Identity and Data Protection, Gemalto, a leader in digital security, explained, “Because data is the new oil in the digital economy, Ransomware attacks that restrict access to important data until the attacker is paid are becoming increasingly common. However, neither businesses nor individuals should pay ransoms to unlock any files that have been affected by a Ransomware attack, as this incentivises and rewards these kinds of attacks. In order to prevent becoming a victim of a Ransomware attack, data should be backed-up and encrypted, and stored away from the network the rest of the data is stored on. This means that in the event that a Ransomware attack locks someone out of their files, they will have secure copies available. By doing this, the victim would be able to return to business-as-usual quickly and efficiently.”