The FFIEC Issues 2015 Statement Regarding Ransom-based Cyber-attacks
Banks and credit unions are more at risk for cyber-ransom attacks.
Though the technology first appeared in the mid-2000s, cyber-criminals using ransomware have gotten more sophisticated, organized, and aggressive.
Targeted businesses experience a DDoS (Distributed Denial of Service) attack known as a DD4BC (DDoS for Bitcoin.) To add insult to injury, Bitcoin is difficult to track back to the ransom recipient, as the cyber-currency exists in an online, anonymous marketplace.
If you aren’t familiar with this latest version of online extortion, top IT security provider Trend Micro defines it this way: “Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back. Some ransomware encrypts files (called Cryptolocker). Other ransomware use TOR to hide C&C communications (called CTB Locker).” The most lucrative and vulnerable target of this rising crime spree? Second- and third-tier banks and credit unions.
The scenario seems almost ludicrous – how do these attacks get through IT security systems? According to Olivia Solon’s September 9, 2105 article in BloombergBusiness, 58% of the 150 of the cyber-ransom attacks to date targeted financial institutions. 35% of those were banks and credit unions. The reasoning appears to be that the target group has the money to pay the ransom, but not enough in their budgets to purchase the added layer of security needed to combat ransomware technology. Businesses report losing everything from hundreds of thousands of dollars to 10+ years of internal and customer data from both paying and not paying the requested ransom.
Luckily, the FFIEC has issued a statement containing resources for combatting these attacks as well as a PDF for download. You can access, read and download this information by visiting their website here.
One of the key points of the statement involves the necessity of conducting cyber-security policy reviews, which recommends financial institutions’ regularly monitor the business continuity planning of their third-party IT service providers (ISPs). If you’d like, we can help with that.
Most of all, though, we encourage you to incorporate the advice and resources provided by the FFIEC. As long as we keep this information going, a new security solution should be found shortly.