Thanks to Credit Union Times for continuing to be an advocate for information security issues.
As an information security professional, I believe we need voices that advance awareness of the risks we all face from growing cyber threats, such as the ransomware that was the subject of a March 16 article (“Locky Ransomware Infecting 9,000 Systems Daily”). Ransomware is a threat that is rapidly expanding its capabilities and footprint, and it's wreaking havoc along the way.
Cybercriminals' use of ransomware, such as Locky, CryptoLocker and CryptoWall, saw tremendous growth in 2015, a trend that McAfee Labs predicted will escalate among financial institutions and local governments in 2016. Even more troubling, ransomware thieves are refining their skills to cause increasing financial and reputational damage to their victims.
Ransomware is malicious software that infects computers and then proceeds to encrypt data on the hard drive, primarily files from applications such as Microsoft Excel and Word. It can then spread its mayhem across mapped network shares to critical files on company servers. Organizations receive a pop-up or locked screen saver that provides instructions on how to pay a ransom, generally using an online payment system such as Bitcoin. After receiving payment, the criminals send victims the private key(s) to decrypt locked files and recover from a very effective denial of service attack and loss of access to customer data.
Generally, having good backups of critical data is an effective mitigation strategy to recover from these attacks. But the newer, more sophisticated variants of ransomware are starting to encrypt data across unmapped network shares, which could end up encrypting network-accessible data backups. To combat this, backup data should be air-gapped from the network, not stored on hardware connected to the internet.
Sollievo believes the most effective controls to prevent these infections are also the most basic. We recommend that credit unions review the CIS Critical Security Controls on the Center for Internet Security website, which lists cybersecurity controls that are easy to read and understand. We're aware of credit unions that have been victimized by ransomware infections but, fortunately, were able to recover by using backups. Not everyone is so well prepared, and many businesses and government entities have had to pay to recover their data.
Richard Carberry
Senior Consultant
Sollievo
Harrisburg, Pa.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
