40 SEPTEMBER / OCTOBER 2021 Ransomware Attacks Are becoming more prolific IBA INSURANCE SOLUTIONS In our travels talking with Indiana banks, the topic I get the most questions on these days is ransomware. Below is a timely article from the folks at ABA Insurance Chuck Maggard President/CEO IBA Insurance Solutions cmaggard@inbankersins.com IBA Insurance Solutions is a Preferred Service Provider and subsidiary of the Indiana Bankers Association. Services, one of our carriers and a Preferred Service Provider of the Indiana Bankers Association. Recently, well-publicized ransomware incidents have targeted entities across industries, from government organizations and school districts to privately held operations, hospital systems and financial institutions. While the threat of ransomware is nothing new, we are learning of alarming trends suggesting that attacks are evolving to become more disruptive and payment demands more consequential than previously known. Ransomware is no longer simply a nuisance. Attacks are rendering businesses inoperable, significantly eroding public confidence and costing businesses millions to remediate. Ransomware attacks typically begin with a targeted email message containing malicious software. Once introduced, the malware spreads throughout the network, encrypting documents or files and rendering them inaccessible until a ransom is paid by the victim. In the past, these attacks normally targeted specific documents or files. Today, however, the attacks are creating havoc by infiltrating entire operating systems, deleting onsite backups and exfiltrating sensitive data, with threat actors threatening to publish confidential information if their demands are not met. As these criminals become more emboldened, they are seeking larger ransom payments, now easily reaching seven figures. In one recent incident, a bank was shut down for several days after numerous systems in its environment were attacked, including its core operating system, online banking platform and telephones. The extortionists demanded a ransom in excess of $1 million. The increasing frequency of attacks has garnered the attention of the U.S. Department of the Treasury’s Office of Foreign Assets Control. An advisory issued in early October 2020 provides some background on attacks, identifies several known malicious actors and suggests a risk-based compliance program to mitigate exposure. The advisory also warns that victims can be fined if they pay ransom to groups that are under economic sanctions. A similar advisory was issued by the Financial Crimes Enforcement Network. Experts continue to suggest that common-sense security measures are the best first step in protecting your institution. These recommendations include: • Training employees to recognize suspicious emails and attachments. • Keeping antivirus and anti-malware software up-todate. • Implementing ongoing, regularly scheduled offsite (cloud-based) backups that are not connected to the networks being backed up. • Refining incident response and business continuity plans to reflect today’s threat environment. There are emerging technology solutions available to help fortify your defenses against malware. A number of providers offer solutions that monitor entry points and network workflow to detect threats. These tools capture and analyze big data across many channels and use machine learning to continuously
RkJQdWJsaXNoZXIy MTg3NDExNQ==