Managing the Increasing Risk of Ransomware
Ten years ago, few people could have imagined that one of the greatest operational and data security threats to financial institutions would be extortionists holding data hostage. Yet that’s exactly what’s happening today with ransomware.
The banking industry has become a massive ransomware target—and the threat is growing. Ransomware attacks against banks increased 1,318% in the first half of 2021, according to a ZDNet analysis.
Ransomware is a problem for financial institutions of all sizes. In September Pacific City Bank, a $1.6 billion-asset community bank in Los Angeles, Calif., was hit with hackers showing screen shots of stolen data and demanding the bank pay ransom or its data would be leaked. Numerous other banks and credit unions have also fell victim this year.
Others have fallen victim to ransomware attacks of third-party vendors. Customers of service providers like American Bank Systems, Finastra and Kaseya experienced service disruptions or unauthorized data exposure as a result of ransomware breaches.
Pushing back against cybercriminals
The U.S. government is taking steps to reduce the threat of ransomware. The Treasury recently sanctioned SUEX, a cryptocurrency exchange, for facilitating ransom payments. It also updated its Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments. The thinking is that if untraceable cryptocurrencies can’t be used for illicit activities, it will be much harder for criminal enterprises to collect ransoms.
The administration has also hosted brainstorming sessions with the CEOs of large banks and technology companies to discuss malicious cyber attacks, including ransomware, their root causes, and how security can be baked into technology.
Protecting your FI against ransomware
Financial institutions can’t wait for the government to defeat cybercriminals. Instead, they need to focus on protecting their institutions from ransomware and other cyberattacks and having an incident response plan just in case they fall victim.
This is a basic part of business continuity and disaster recovery planning. It’s also a critical component of vendor management. FIs need to identify high-risk vendors (especially those with access to sensitive data) and have a plan for what to do if the worst happens.
Don’t have a fully fleshed-out plan? Download our Ransomware Response Guide.
Wondering what the latest threats are and what your FI should be doing to guard against them? Join us for our webinar Evolving Cyber Threats: What FIs Need to Know Now.
Topics: Risk & Compliance