Pub. 11 2021-2022 Issue 3

coloradobankers.org

Strengthening Your Bank’s Defenses Against Ransomware

By Sean Martin, CSI

Cyberattacks Continue Making Headlines

In May 2021, a ransomware attack targeted one of the nation’s largest pipeline companies, resulting in a nearly $5 million ransom payment, disruption of fuel supply, and even panic purchasing among consumers in certain regions of the country. Shortly thereafter, JBS — which is among the largest meat processing companies in the world — was also hit with a ransomware attack, paying $11 million to keep its data safe.

Another example: Kaseya — an IT solutions developer for managed services providers (MSPs) and enterprise clients — announced it was the victim of a cyberattack in July 2021. Hackers carried out a supply chain ransomware attack by exploiting a vulnerability in Kaseya’s software against multiple MSPs and their customers. It’s estimated that up to 1,500 businesses — including financial institutions — were affected by the attack and experienced ransomware compromise.

The recent increase in the frequency of ransomware attacks is an enormous concern for all organizations, but especially for financial institutions, whose data is particularly sensitive to these attacks. Ransomware is a growing threat, and banks must be vigilant against this type of attack.

CSI’s 2021 Banking Priorities Executive Report revealed the overwhelming majority (81%) of bankers view social engineering as the greatest cybersecurity threat in 2021. Phishing aimed at internal targets that let attackers into internal systems (32%) was another top cybersecurity threat identified by bankers in that report. There is plenty of evidence to support this concern, as employees working from home continue to be targets for cybercriminals.

Is Your Bank Prepared for a Cyberattack?

As cybercriminals continue to evolve their tactics and cast a wider net for victims, ensure your bank is prepared to confront this heightened risk. Reference these seven steps as a guide to enhance your bank’s preparedness for attacks and defend against future threats, including ransomware.

1. Have a Plan in Place

The automated nature of modern ransomware and the immense scale used in attacks are warning signs to all financial institutions. Ransomware attacks will likely increase in scale, frequency, and sophistication as more cybercriminals seek an easy payout. As ransomware attacks surge, institutions must consider the operational, financial, and reputational implications of being held hostage by ransomware.

Does your institution have an actionable plan in writing? If not, developing one should be your priority. Communicating a plan of action to your entire organization in your Incident Response Plan (IRP) — which highlights prevention, detection and protocol during an attack — allows for a quicker response and possible isolation of any infected devices.

2. Conduct Regular Data Backups

Ransomware thrives on holding your data captive, making regular data backups essential. If your data has been duplicated and stored elsewhere, ransomware becomes far less threatening. To minimize the damage from an attack, the best recommendation is to implement a risk-based backup program with the frequency and retention period of backups defined according to the criticality of the data. After determining your backup schedule, test your data backups to ensure they work properly.
