Protecting Your Financial Institution From Ransomware

Written by Jameson Miller, M&J Cybersecurity Practice Leader, in partnership with Matisse Long of Advisory IT (AdIT), a division of Mauldin & Jenkins, LLC.

The growing threat posed by ransomware has financial institution leaders on edge nationwide. The anxiety is fully justified: this type of cybercrime is gaining popularity with hackers and causing substantial losses for businesses. As an especially high-value target, financial institutions face an even greater threat than most other entities. Even when sound, industry-standard cybersecurity measures are in place, financial institutions could still be vulnerable, considering that at least one criminal network has launched successful ransomware attacks on hundreds of banks worldwide. An incident of this kind can cost a financial institution dearly in reputation as well as in monetary terms, or even lead to complete failure.

While there’s no way to entirely prevent ransomware attacks, there are steps leaders can take to strengthen their institutions against such attempts. Strong, consistent, and universally implemented cybersecurity protocols are a must, of course. But even beyond that basic necessity, financial institutions can do more to mitigate the threat of ransomware.

Backups deserve special attention to ensure that all data is securely stored offline, insulated in such a way that it would remain completely untouched by any breach of the network. It is also crucial to verify that backed-up data can be restored quickly and to an operational state that allows employees (and bank clients) to return to work in practice, not just in theory.

Better than restoring data after an incident, however, is preventing hackers from breaching the system and deploying their malicious payload in the first place. To that end, financial institutions should place special emphasis on multi-factor authentication (MFA), utilizing this extra layer of protection wherever possible.

Hackers often gain access to private systems through compromised login credentials, which then enables them to launch ransomware that shuts down access for legitimate users. For this reason, all administrative logins by authorized users should require MFA. Best practices also call for MFA whenever users access private bank data stored in any cloud platform.

In response to the rise in ransomware, the Bankers Electronic Crimes Task Force (BECTF) has prepared a Ransomware Self-Assessment Tool. This group is dedicated to helping financial institutions reduce the risks of cybercrime and is composed of state bank regulators, the United States Secret Service, CEOs of U.S. community financial institutions, and other industry stakeholders.

By using the self-assessment tool, financial institution leaders can gauge their organization’s ability to identify potential ransomware attacks and assess how well the institution is positioned to resist, respond to, and recover from such an attack. The tool can be of significant benefit in identifying areas that need additional attention to reduce risk, while also serving as a convenient means of communicating the institution’s risk management posture to executive management, boards of directors, insurance providers, and other interested parties.

Cyberattacks are constant and inevitable in the digital age. The cybersecurity professionals at Mauldin & Jenkins urge leaders at financial institutions of all sizes to take advantage of this self-assessment tool now and to perform re-assessments at regular intervals. Investing sufficient time and resources to protect your institution now is immeasurably preferable to suffering the far more costly and damaging consequences of ransomware and other cybercrimes. For assistance in completing the self-assessment or developing a security protocol that keeps you in charge of your institution, not hackers, request a consultation with our cybersecurity team today.