Businesses and individuals face a dangerous and growing threat to the safety of their personal information and data in the form of ransomware.
Ransomware is a form of malware that targets critical data and systems for the purpose of extortion. Once active on a victim’s network or computer, the ransomware encrypts and holds critical and sensitive data hostage until payment is made. A countdown clock usually accompanies the ransom demand and the cybercriminal usually requires payment in bitcoin or another anonymous form of payment. After receiving payment, the cybercriminal may provide an avenue for the victim to regain access to the system or data.
According to the U.S. Federal Bureau of Investigation, ransomware victims in the United States have paid more than $209 million in ransom payments in the first three months of 2016, compared with $25 million in all of 2015. The ransom demands vary greatly, but averages about $500 for individuals and $10,000 for businesses.
Ransomware is primarily delivered through spear-phishing emails. In fact, a recent study by the threat-management company PhishMe found that ransomware attacks make up 93 percent of phishing emails.
However, ransomware is also evolving and becoming increasingly more sophisticated. According to the FBI’s Cyber Division, in newly identified instances of ransomware, cybercriminals are bypassing the need for victims to click on a link in an email. Instead, they are seeding legitimate websites with malicious code to take advantage of unpatched software that may be present on a victim’s computers.
Small Financial Institutions Are Especially Vulnerable
The rising threat of ransomware is a particular concern for smaller financial institutions like credit unions. A recent report by Beazley Breach Response notes the rising threat to small banks and credit unions with less than $35 million in annual revenue. They found that 81 percent of hacking and malware breaches at financial institutions in 2016 occurred in these small financial institutions, compared to 54 percent of the incidents reported in 2015. Beazley said its team handled 86 ransomware attacks during the first six months of 2016, versus 43 for all of 2015.
Ways to Prevent Ransomware
Fortunately, there are ways to mitigate the risk ransomware poses to your credit union. The FBI, U.S. Computer Emergency Readiness Team and the Federal Financial Institutions Examination Council have put out guidance and best practices on how to help protect your systems from this growing threat.
Some of the basic defenses against ransomware include:
- Educating all staff on the risks and how to use email and the web safely;
- Making sure to regularly back-up critical systems and data;
- Maintaining up-to-date firewalls and anti-malware systems and protections;
- Limiting the ability of users or IT systems to write onto servers or other systems;
- Having a robust patch-management program;
- Using web- and email-protection systems and software; and
- Removing any device suspected of being infected from your systems.
For additional information on ransomware and its growing threat to financial institutions, visit:
- Beazley Breach Insights, “Hackers Target Smaller Financial Institutions,” http://bit.ly/2czBcyp (opens new window)
- Federal Bureau of Investigation, “Incidents of Ransomware on the Rise: Protect Yourself and Your Organization,” http://go.usa.gov/xZ6Vx (opens new window)
- The United States Computer Emergency Readiness Team, “Ransomware,” http://go.usa.gov/xZ6GG (opens new window), and “Ransomware and Recent Variants,” http://go.usa.gov/xZ66P (opens new window)
- Federal Financial Institutions Examination Council, “Cyber Attacks Involving Extortion,” http://go.usa.gov/xZ6Fd (opens new window)