Beware of ransomware
editor_s-note
EDITOR'S NOTE: Robin Farmer is a freelance writer.
Cyberattacks involving ransomware — a type of malware that hijacks valuable digital files in exchange for payment — are on the rise, according to the FBI.
The problem is causing increasing alarm among officials in the banking industry, where the protection of customer financial data is vital.
Ransomware that encrypts files jumped by 35% between 2014 and 2015, according to a report released in 2016 by the Symantec Company. The trend continued into 2016, with the FBI predicting the nation would lose $1 billion in 2016 due to ransomware attacks. And in November 2016, the U.S. Federal Financial Institutions Examination Council issued a warning to banks about an increase in the number and severity of ransom attacks against financial institutions, some with demands up to thousands of dollars.
“Ransomware is growing in popularity because it is far more lucrative than more traditional cyberattacks where hackers access and steal data,” said Mike Baker, founder and principal at Mosiac451, a cybersecurity service provider with expertise in building, operating and defending highly secure networks in North America. The company is headquartered in Phoenix.
In many traditional cyberattacks, hackers break into a computer system or network and obtain stolen data, and then look for potential buyers for the stolen information. In a ransomware attack, the hacker has a built-in buyer — the owner of the data — who is often not in a position to negotiate on price, Baker said.
Ransomware works quickly and covertly. Victims tend to discover their information has been compromised when they can no longer access their systems, according to Baker.
Charles Blauner, managing director and global head of information security at Citigroup, Inc., testified about the impact of ransomware in May 2016 before the Subcommittee on Crime and Terrorism of the U.S. Senate. Speaking on behalf of the American Bankers Association, Blauner said in a written statement that the financial sector faces cybersecurity threats from four main groups: hacktivists promoting a sociopolitical ideology; organized gangs committing cybercrime for profit; nation states committing industrial espionage; and extremist groups trying to disrupt financial markets.
“Regardless of the group or motivation, a common practice of each is to utilize these botnets to deploy traffic or malicious software, also known as malware, to infect our financial customers’ electronic devices in order to compromise their personal financial information, hijack their internet banking sessions, or encrypt their important files and then hold these files hostage for ransom, commonly known as ransomware,” Blauner testified.
Negative impacts
Protecting information
To reduce risks, banks and other financial services businesses need to educate their customers on how to protect personal information on their mobile devices and computers from ransomware, experts said. They also need to alert law enforcement when issues arise.
Customers should be encouraged to update the latest antivirus software; automate the installation of security patches for operating systems and web browsers; create strong and varied passwords; use pop-up blockers; download software only from trusted sites; and not open attachments or click on a URL in unsolicited or suspicious emails, even when they appear to be sent by friends and family.
“Financial institutions are doing the best job with internal threats,” said Tony Perez, founder and CEO of Netlok, a new cybersecurity solution firm based in Santa Barbara, Calif. “They still don’t have control of the major external threat. They don’t know how to control their clients’ and customers’ password practices. Institutions must find an easy way for people to access the system, and passwords are not the solution.”
Using an encrypted photograph of the customer instead of a password to access an account is a good start, said Perez, noting that Netlok uses a proprietary photo encryption technology. Other tips to combat ransomware include limiting the storage of personal information on internet-connected devices and regularly backing up files.
Check out our Financial Services Facebook page.
Like Us
Another troubling development is the rapid evolution of ransomware as a service. With the RaaS model, cybercriminals download a virus from the internet, either for free or a nominal fee. The cybercriminal then uses the malware to infect a victim’s computer files, and the files remain locked and unusable unless the victim pays a ransom for the decryption key. If the victim pays the ransom, the original author or developer of the virus is paid a percentage. “Malware and ransomware developers are offering customized versions of products to other cybercriminals for a percentage of their profits,” Blauner said in his testimony. “This market allows developers to pair their technical capabilities with the access to victims possessed by other criminal organizations. RaaS is likely to result in even greater infection rates and improvements in the efficacy of new ransomware variants as this business model continues to draw new participants.”
callout-514469972quote-mark
Ransomware is growing in popularity because it is far more lucrative than more traditional cyberattacks where hackers access and steal data.”
— Mike Baker, founder and principal at Mosiac451, a cybersecurity service provider
inline-541838304
Ongoing employee training on information security practices and security awareness also is essential. To keep pace with evolving security threats and devote resources to prevent ransomware, “it’s a good idea for businesses to enlist the services of a professional managed security services provider,” Baker said.
A managed security services provider has experts who can work with IT staff, advise on proactive security measures, provide employee training, monitor the network and respond to breaches.
No organization or individual is immune to ransomware so it is important to be prepared, said Stu Bradley, vice president, cybersecurity solutions for SAS, a system analysis company based in Cary, N.C. Bradley said companies also need to have a plan in the event of a cyberattack.
“Should an incident occur, a prepared organization can fall back on its business continuity plan,” he said. “That involves having alternative operating systems at the ready along with backup data it can restore fairly immediately. Such preparedness offers a level of protection and makes the actual value of the ransom event more insignificant.”
FS_ProductLaunch_StandardAd_875x650_desktopVector-Smart-Object11
Ascent
Vector-Smart-Object6
Expansion
Vector-Smart-Object33
Breakthrough
Vector-Smart-Object7
Mortgage
New. Upgraded.
Comprehensive products available!
Organization-wide training, made simple
Learn More
OCL-ad-logo
Cyberattacks involving ransomware are a growing concern
article-down-arrow
© 2017 OnCourse Learning Corp. All rights reserved
facebooktwitterLinkedinyoutube
Contact Us
20225 Water Tower Blvd. Brookfield, WI 53045
By Robin Farmer
BACK TO TOP
arrow-up
More inside this guide
arrow
share-dots-shadowleft-arrowright-arrowright-arrow-3
hamburguer-icon-shadow
MENU
X
Contents
HOME
arrow
arrow
Prevent cyberattacks
Landing-524882074
Banks must take proactive steps to stay ahead of cybercriminals
landing-506789534
Phishing for trouble
Hackers use phishing emails to steal data, penetrate networks
arrow
landing-81178245
Banks face new cyber regs
New cybersecurity standards could affect large financial institutions
arrow
callout-619521204
Leading the way
New York establishes first-of-its-kind cybersecurity standards
arrow
Landiing-522152569
What you need to know
Ways financial institutions can identify and respond to cyberthreats
arrow
landing-483590337-_1_
Email fraud and cybercrime
Tips to identify red flags and respond to email and cyberthreats
arrow
Landing-474096848
Understand the threats
Learn ways financial institutions can mitigate cyber risks
arrow
landing-518856699
Reduce cyber risk
OnCourse Learning webinar focuses on cybersecurity issues
arrow
Landing-639086112
Choose the right vendor
Financial institutions can be held responsible for vendor tech failures
arrow
ThinkstockPhotos-506752188
Become cyber secure
OnCourse Learning offers cybersecurity training to meet your needs
arrow
ThinkstockPhotos-487159125
Take cybersecurity seriously
Guide helps financial institutions identify cyberthreats
arrow
Landing-492263357
Beware of ransomware
Cyberattacks involving ransomware are a growing concern
arrow
landing-521421311
Stop the bad actors
Terrorists and other groups threaten the financial system
arrow
landing-78288589
Credit unions raise the bar
Agency creates cybersecurity assessments for credit unions
arrow
landing-468005219
Cyber preparedness
Why cybersecurity should be a top priority for your financial institution
arrow
landing-637910478
Increase cyber awareness
Federal and state agencies offer many cyber resources
arrow
landing-81859699
Protect online payments
Agency warns of cyberthreats to bank payment networks
arrow
Landing-506709328
Training in the cyber age
Preparation is better than remediation when it comes to cybersecurity
arrow
logo
How to Navigate
X
How to Navigate
BROWSE
FIND
right-arrowleft-arrow
hamburguer-icon-shadow
MENU
Move forward or backward between articles by clicking the arrows.
Click or tap to bring up the Table of Contents.
READ
facebooktwitterLinkedin
SHARE
scroll
Share articles by clicking on one of the social media icons in the upper right corner of the page.
Use your mouse wheel, keyboard arrow keys, or scroll bar to move up and down in an article.