Beware of ransomware
EDITOR'S NOTE: Robin Farmer is a freelance writer.
Cyberattacks involving ransomware — a type of malware that hijacks valuable digital files in exchange for payment — are on the rise, according to the FBI.
The problem is causing increasing alarm among officials in the banking industry, where the protection of customer financial data is vital.
Ransomware that encrypts files jumped by 35% between 2014 and 2015, according to a report released in 2016 by the Symantec Company. The trend continued into 2016, with the FBI predicting the nation would lose $1 billion in 2016 due to ransomware attacks. And in November 2016, the U.S. Federal Financial Institutions Examination Council issued a warning to banks about an increase in the number and severity of ransom attacks against financial institutions, some with demands up to thousands of dollars.
“Ransomware is growing in popularity because it is far more lucrative than more traditional cyberattacks where hackers access and steal data,” said Mike Baker, founder and principal at Mosiac451, a cybersecurity service provider with expertise in building, operating and defending highly secure networks in North America. The company is headquartered in Phoenix.
In many traditional cyberattacks, hackers break into a computer system or network and obtain stolen data, and then look for potential buyers for the stolen information. In a ransomware attack, the hacker has a built-in buyer — the owner of the data — who is often not in a position to negotiate on price, Baker said.
Ransomware works quickly and covertly. Victims tend to discover their information has been compromised when they can no longer access their systems, according to Baker.
Charles Blauner, managing director and global head of information security at Citigroup, Inc., testified about the impact of ransomware in May 2016 before the Subcommittee on Crime and Terrorism of the U.S. Senate. Speaking on behalf of the American Bankers Association, Blauner said in a written statement that the financial sector faces cybersecurity threats from four main groups: hacktivists promoting a sociopolitical ideology; organized gangs committing cybercrime for profit; nation states committing industrial espionage; and extremist groups trying to disrupt financial markets.
“Regardless of the group or motivation, a common practice of each is to utilize these botnets to deploy traffic or malicious software, also known as malware, to infect our financial customers’ electronic devices in order to compromise their personal financial information, hijack their internet banking sessions, or encrypt their important files and then hold these files hostage for ransom, commonly known as ransomware,” Blauner testified.
Negative impacts
Protecting information
To reduce risks, banks and other financial services businesses need to educate their customers on how to protect personal information on their mobile devices and computers from ransomware, experts said. They also need to alert law enforcement when issues arise.
Customers should be encouraged to update the latest antivirus software; automate the installation of security patches for operating systems and web browsers; create strong and varied passwords; use pop-up blockers; download software only from trusted sites; and not open attachments or click on a URL in unsolicited or suspicious emails, even when they appear to be sent by friends and family.
“Financial institutions are doing the best job with internal threats,” said Tony Perez, founder and CEO of Netlok, a new cybersecurity solution firm based in Santa Barbara, Calif. “They still don’t have control of the major external threat. They don’t know how to control their clients’ and customers’ password practices. Institutions must find an easy way for people to access the system, and passwords are not the solution.”
Using an encrypted photograph of the customer instead of a password to access an account is a good start, said Perez, noting that Netlok uses a proprietary photo encryption technology. Other tips to combat ransomware include limiting the storage of personal information on internet-connected devices and regularly backing up files.
Check out our Financial Services Facebook page.
Like Us
Another troubling development is the rapid evolution of ransomware as a service. With the RaaS model, cybercriminals download a virus from the internet, either for free or a nominal fee. The cybercriminal then uses the malware to infect a victim’s computer files, and the files remain locked and unusable unless the victim pays a ransom for the decryption key. If the victim pays the ransom, the original author or developer of the virus is paid a percentage. “Malware and ransomware developers are offering customized versions of products to other cybercriminals for a percentage of their profits,” Blauner said in his testimony. “This market allows developers to pair their technical capabilities with the access to victims possessed by other criminal organizations. RaaS is likely to result in even greater infection rates and improvements in the efficacy of new ransomware variants as this business model continues to draw new participants.”
Ransomware is growing in popularity because it is far more lucrative than more traditional cyberattacks where hackers access and steal data.”
— Mike Baker, founder and principal at Mosiac451, a cybersecurity service provider
Ongoing employee training on information security practices and security awareness also is essential. To keep pace with evolving security threats and devote resources to prevent ransomware, “it’s a good idea for businesses to enlist the services of a professional managed security services provider,” Baker said.
A managed security services provider has experts who can work with IT staff, advise on proactive security measures, provide employee training, monitor the network and respond to breaches.
No organization or individual is immune to ransomware so it is important to be prepared, said Stu Bradley, vice president, cybersecurity solutions for SAS, a system analysis company based in Cary, N.C. Bradley said companies also need to have a plan in the event of a cyberattack.
“Should an incident occur, a prepared organization can fall back on its business continuity plan,” he said. “That involves having alternative operating systems at the ready along with backup data it can restore fairly immediately. Such preparedness offers a level of protection and makes the actual value of the ransom event more insignificant.”
New. Upgraded.
Comprehensive products available!
Organization-wide training, made simple
Learn More
Cyberattacks involving ransomware are a growing concern
© 2017 OnCourse Learning Corp. All rights reserved
Contact Us
20225 Water Tower Blvd. Brookfield, WI 53045
By Robin Farmer
More inside this guide
Prevent cyberattacks
Banks must take proactive steps to stay ahead of cybercriminals
Phishing for trouble
Hackers use phishing emails to steal data, penetrate networks
Banks face new cyber regs
New cybersecurity standards could affect large financial institutions
Leading the way
New York establishes first-of-its-kind cybersecurity standards
What you need to know
Ways financial institutions can identify and respond to cyberthreats
Email fraud and cybercrime
Tips to identify red flags and respond to email and cyberthreats
Understand the threats
Learn ways financial institutions can mitigate cyber risks
Reduce cyber risk
OnCourse Learning webinar focuses on cybersecurity issues
Choose the right vendor
Financial institutions can be held responsible for vendor tech failures
Become cyber secure
OnCourse Learning offers cybersecurity training to meet your needs
Take cybersecurity seriously
Guide helps financial institutions identify cyberthreats
Beware of ransomware
Cyberattacks involving ransomware are a growing concern
Stop the bad actors
Terrorists and other groups threaten the financial system
Credit unions raise the bar
Agency creates cybersecurity assessments for credit unions
Cyber preparedness
Why cybersecurity should be a top priority for your financial institution
Increase cyber awareness
Federal and state agencies offer many cyber resources
Protect online payments
Agency warns of cyberthreats to bank payment networks
Training in the cyber age
Preparation is better than remediation when it comes to cybersecurity
How to Navigate
How to Navigate
Move forward or backward between articles by clicking the arrows.
Click or tap to bring up the Table of Contents.
Share articles by clicking on one of the social media icons in the upper right corner of the page.
Use your mouse wheel, keyboard arrow keys, or scroll bar to move up and down in an article.