A new ransomware tactic occurring threatens to disclose confidential bank customer information unless a ransom is paid. Criminals have figured out they can extort bigger dollars using this approach compared to simply locking up a bank president’s workstation with ransomware. This creates far more reputational, legal and regulatory risks for the bank.
This exact type of ransomware attack happened at two banks over Memorial Day weekend. While individuals in the United States were honoring those who have fought for our country and were spending time with their families, our neighbor to the north was busy fighting a different kind of war. Cyber criminals attacked two Canadian banks and notified major media outlets about their intent to disclose confidential customer information unless a ransom of $1 million was paid within 24 hours, according to authorities.
What would you do if ransomware attacked your computer network but did more than lockup files on your computer and demand a ransom of $500? What if instead they exported your customer data to a criminal network that demanded $1 million for the return of your customers’ information? Imagine the impact on you and your staff if the media were alerted and you had a short window of time to determine if a successful attack had occurred, to decide if your bank was going to pay the demanded ransom and what you were going to tell your customers.
Cyber-attacks occur against banks every single day, and they are constantly changing. Traditionally, ransomware attacks targeted a single workstation or files on a server. They locked up the files and demanded payment of a few hundred dollars, threatening that without payment data would be irretrievably lost. Ransomware’s most recent variant threatens the bank with reputational risk, regulatory risk and legal risk by publicly releasing confidential customer information unless the bank pays a sizable ransom.
The type of bad actors performing these attacks are also changing. Instead of a sole individual cyber attacking for a challenge or for fun, many of these attacks are perpetrated by criminal networks with a profit motive. Many times these cyber criminals are backed by nation-states with substantial resources used to accomplish a successful attack.
There are preventative steps your bank can take to help reduce the ransomware threat. Additionally, there are responsive actions that should be planned out ahead of time to help reduce the impact when a ransomware event occurs. Following are some thoughts to consider:
When the worst case does happen, the last thing you want to be doing is creating a plan from scratch or spending time discussing what steps need to be taken. When a cyber threat occurs you need a solution that helps you with:
Are you confident in the systems, staff, and processes and procedures your bank depends on to prevent you and your customers from becoming the victim of a ransomware attack? BankOnIT was founded to provide banks a more comprehensive solution in a rapidly changing technology environment with evolving cybersecurity threats, providing your bank stronger defenses and a more robust response to keep your bank secure, operational and regulatory compliant.
Have questions? Give us a call at 800-498-8877, option 2, or at Solutions@BankOnITUSA.com.