One of the biggest cyber threats today is ransomware, with instances of these malicious attacks increasing by 44% in the last six months alone. In fact, according to the 2017 State of Malware Report by Malwarebytes, ransomware was the favorite method of attack used against businesses in 2016. Recent FBI statistics indicate that hackers successfully extorted more than $209 million in ransomware payments from businesses and financial institutions in Q1 2016, and the business of ransomware is now on track to become a $1 billion per year crime.
of identified, impactful threats initially enter via email attachments
of attacks were executed by users clicking web links in an email
of attacks are unknowingly downloaded directly from a webpage
Picking on the Little Guy
Ransomware attacks aren’t just targeting top-tier banks and Fortune 500 businesses anymore. In fact, community banks and credit unions are even more likely to be targeted because hackers believe these smaller organizations are likely to have their guard down.
Successful ransomware attacks primarily reveal the lack of adequate endpoint protection. In addition to the monetary damage of these attacks, not proactively protecting against ransomware can also lead to reputational risk among customers and within the media, weakened staff morale and considerable IT staff hours spent on ransomware response.
While its impact is growing, the truth is that ransomware is not much different from the types of malware that financial institutions have previously encountered. Ransomware enters the organization and leverages known vulnerabilities in the same way as other malware.
Prevention is Key
The good news is that ransomware can also be defended against in the same way as other types of malware. Some common methods to prevent attacks include:
- Deploy and enable an endpoint protection system
- Utilize vulnerability and patch management systems to patch internet-facing applications
- Remove administrator rights from end-users
- Use application control whenever possible to implement a default-deny execution policy
- Implement an enterprise endpoint backup plan, and ensure monitoring of backups and testing of restore capabilities regularly
- Upgrade secure email and secure web gateways or firewalls to filter suspicious email, executable objects and URL/IP addresses
- Install an anti-ransomware solution on your network to stop ransomware
- Build regular testing of incident response scenarios into the ransomware response plan
Ransomware Response Checklist
How to Stay Ahead of the Hackers
Financial institutions must stay informed and educated on the latest threats and ensure all endpoints are adequately protected. Ransomware infections are continuing to affect community financial institutions and those that develop and implement a proactive defense plan, before a hacker is holding personal customer data for ransom, are much more effective at combatting this pervasive malware.
For more information please download our white paper, Strengthen Your Strategy: Why a Layered Defense is the Best Choice for Your Bank’s IT Security Program