Skip to main content

'Anatomy' Of A Ransomware Attack

By Ray Birch

BALTIMORE—Credit unions should brace for almost a month of major problems if they’re victimized by a ransomware attack, according to one cybersecurity expert, whose insights into the “anatomy” of a ransomware attack are coming at the same time nearly 60 CUs are currently trying to restore their own operations.

As those credit unions have come to learn, it takes on average 22 days to get through a ransomware attack and get to the other side, that same expert stated.

That information and additional insights were shared during a webinar hosted by cybersecurity firm Think/Stack, which that was held to provide CUs with insights and answers regarding ransomware in light of the recent attack that that continues to affect those five-dozen CUs hit by an attack on a common vendor.

Feature Ransomware Webinar 1

“We're all being targeted, and this (recent attack) could have happened to anybody,” said Cal Bowman, Think/Stack VP of client innovation and strategy, referring to an attack on the CUSO Ongoing Operations that in turn affected the data processor Fedcomp. “So, it's really important we all recognize that every one of you here has vendors, has partners that are vulnerable. Therefore, the question is, are you ready to respond to any type of large-scale event that really can cripple your organization?”

What’s Been Learned

bowman

Bowman said a goal of the webinar, which was attended by more than 300 credit unions, was to walk through what happens during a ransomware attack and share what his company has learned supporting CUs that have been victimized by such attacks.

Think/Stack VP of Security and Risk Jennifer Anthony said when a ransomware attack occurs in an organization it frequently creates the “fog of war.”

“What you will see in a generalized ransomware attack is the tactical and technical pieces that begin to happen over the first couple days,” Anthony explained.

But at the same time a credit union is seeking to find a tactical path through that fog, the emotional side of the battle must be given attention, as employees struggle to get the CU operating again, Anthony said.

“There is confusion and concern,” she said. “Maybe someone can't get on to a system they previously could access. Maybe there's a service that's not working and folks are starting to feel confused about what's going on. All this is happening as your technical teams in the background are beginning to quickly investigate the source of the problem.”

Anthony emphasized a credit union involved in a ransomware attack should be prepared to spend at least three weeks dealing with it.  

The Internal Threat

As CUToday.info has reported and as credit unions are frequently warned, ransomware attacks often occur due to an employee opening the door by falling for a phishing scam or downloading a file they believe to be safe.

“This is a function of human performance,” she noted. “We all begin to look for who's at fault, who did something they were not supposed to do that caused this. What we tell organizations is that when you get caught in that space, you should not spend a lot of time trying to figure out who to point the finger at, (but instead spend) time trying to figure out how to get out of the situation.”

Not surprisingly, Anthony described the working environment following an attack as “chaotic.”

‘Everyone’s Scared’

“Everyone's scared. We're not sure what's going on and maybe we have members who are really angry. Maybe we have board members that are really angry, or leaders that are really angry,” she said. “The goal at this point is to figure out how to get past it. We'll figure out who's to blame or what's to blame, or how we can prevent it in the future at a later point.”

It's an issue credit unions should take seriously, according to Anthony, who said there is a growing ransomware threat to the not-for-profit co-ops.

“In the last seven months we worked with six credit unions who individually found themselves in this space,” she said. “This is something that's happening on a regular basis, across all industries.”

Anthony reminded that as the credit union moves through a ransomware incident many employees will be feelin remorse and concern over fellow workers in IT who are working feverishly to restore operations.

“They feel like they are at fault for what is going on, and that is a very difficult place to be,” she said. “The technical teams are trying to figure out how to remediate the situation. I've been in organizations where technical teams are working nonstop, around the clock, for days and days. The credit union then is trying to figure out how do we feed people? How are we going to send people home to sleep so they can come back and be effective—because you are in this fight for a long time and there is a lot of pressure on everyone.”

Like Being in a Battle

Anthony likened the experience to those who fight in a war.

“I spent 20 years in the in the United States military, and this is a roller coaster akin to what a service member might experience in their daily lives—and this can be traumatic,” she said.

anthony

She urged credit unions to consider where they are vulnerable.  

“We know 93% of ransomware attacks are in Windows-based environment,” she said. “If we listed them in order of frequency of occurrence, how they occur, here's what they would be: Number one is e-mail phishing campaigns. Number two would be (remote desktop protocol or RDP) vulnerabilities. And number three would be software vulnerabilities.”

The Long-Term Affects

While those 22 days are the typical time from attack to restoration of service, Anthony said the repercussions are felt for many months afterward.

“With the recovery efforts and return to operation, the average time for an organization to move through that is about nine months,” she said. “The attack is not the only thing organizations have to grapple with; there are follow-on impacts that are significant. If you're an organization that has about 500 employees, your average recovery cost is going to be about $3.1 million. If an attacker is successful in extracting information from your environment, you'll have to deal with the impacts of that.”

Steps to Take

What steps should credit unions take today to prevent an attack? CUToday.info will share those in a follow-up report.

Comments

Post a Comment

Please no profanity or political comments.

Popular posts from this blog

Growing Your Credit Union Without Expanding Your FOM

For many firefighter and other credit union primarly serving first responders, growth often feels tied to one big decision: expanding the Field of Membership (FOM). But what if you didn’t have to? What if growth could come from within —by deepening relationships, increasing engagement, and capturing more of the financial lives of the members you already serve? The truth is: it can. But it requires a shift in strategy. Rethinking What “Growth” Really Means Most institutions define growth as adding more members. But for single-sponsor credit unions, especially those serving first responders, a more powerful definition is: Growth = more value per member Many members only use one or two products—often a checking account and maybe an auto loan. Meanwhile, larger banks capture mortgages, credit cards, and investments. The opportunity isn’t just new members. It’s: More products per member Higher balances per relationship Greater share of wallet Your Biggest Advantage: The First Responder Life...
Post a Comment
Read Complete Article HERE>»

When Vendors Price for Giants

 Grant Sheehan CCUE | CEO Opinion: When Vendors Price for Giants, They Shrink the Future of Small Credit Unions ! There’s a quiet squeeze happening in the credit union industry, and it’s not coming from regulators or competition from big banks. It’s coming from the very vendors that claim to support the ecosystem. For small credit unions, the problem is increasingly simple and factual: the tools required to compete with digital banking platforms, fraud systems, compliance software, analytics, and payments infrastructure are priced for institutions ten or even 100 times their size. The result is a market where access to essential services is determined not by mission or member need, but by asset size. This isn’t just inconvenient. It’s structurally threatening. Vendors often defend their pricing models as a reflection of complexity or scale. Larger credit unions have more users, more transactions, more integrations, so they pay more, and that seems fair on the surface. But t...
Post a Comment
Read Complete Article HERE>»

Fed still holds off on rate increase | 2015-07-30 | CUNA News

  WASHINGTON (7/30/15)--Citing “moderate” economic expansion, the Federal Open Market Committee continues to do “a balancing act,” said CUNA Senior Economist Perc Pineda. The Federal Reserve’s monetary policy-making body completed its meeting Wednesday without edging up the federal funds interest rate. Fed Chair Janet Yellen has said the committee will opt for an interest-rate increase sometime this fall. The July meeting, however, was not the time. “The Federal Reserve continues to do a balancing act: the U.S. economy is not in a recession and definitely not overheating,” Pineda told News Now . “Changes in monetary policy after all are meant to influence an underperforming or an overheating economy.” Household spending growth has been moderate, and housing has shown additional improvement, the committee said. Labor conditions continue to improve with declining unemployment and solid job gains. Inflation is anticipated to remain near its recent low level in the near term,...
Post a Comment
Read Complete Article HERE>»

Credit Union Lending Picks Up in Most Areas

Credit unions were increasing their portfolios in most areas in June, except business lending and new car loans, where portfolios fell for the 24th month in a row after seasonal adjustments, according to a CUNA Mutual Group report released Tuesday. The Madison, Wis., trade group’s Credit Union Trends Report showed new auto loan balances were $141 billion on June 30, falling at a 3.3% seasonally adjusted, annualized rate from May to June, part of the May-through-October peak car-buying season. Credit unions held $252.4 billion in used car loans on June 30, up 1.2% from May without seasonal adjustments. The Trends Report made slight adjustments to CUNA’s Monthly Credit Union Estimates released earlier in the month. In this case, its changes allowed total auto loan balances to show a slight 0.3% un-adjusted May-to-June gain, compared to being flat in the CUNA report. Steve Rick, chief economist for CUNA Mutual Group and the report’s author, said gains were stronger in other areas, includ...
Post a Comment
Read Complete Article HERE>»

Facial recognition to secure payments will exceed 1.4 billion globally by 2025

BASINGSTOKE, U.K.– The number of users of software-based facial recognition to secure payments will exceed 1.4 billion globally by 2025, from just 671 million in 2020, according to a new study from Juniper Research. “This rapid growth of 120% demonstrates how widespread facial recognition has become; fueled by its low barriers to entry, a front-facing camera and appropriate software,” Juniper said, noting the research identified the implementation of FaceID by Apple as accelerating the growth of the wider facial recognition market, despite the challenges to facial recognition during the pandemic with face mask use. The research recommends that facial recognition vendors implement robust and rapidly evolving AI based verification checks to ensure the validity of user identity, or risk losing user trust in the authentication method as spoofing attempts increase, Juniper reported. Fingerprint Sensors The new research, Mobile Payment Authentication: Biometrics, Regulation & Market Fore...
Post a Comment
Read Complete Article HERE>»

Don't say NO to your members anymore!

Does the following scenario occur at your credit union? If it does, we have a solution for you! A member comes in into your credit union and wants to know if you will loan them a couple of hundred thousand $$$ to buy a building, or can you loan him some seed money to start a new business or purchase equipment for the company they currently own, and you say,  “the credit union doesn't do those kinds of loans”.  Does this sound familiar? How many times do you and your staff say NO and literally tell a member to  “go down the street or go somewhere else” ?  Well, now, you have another option.   CU First Responders Finance (CUFR) CU First Responders Finance, LLC (CUFR)  is a partnership between the National Council of Firefighter Credit Unions, Inc.   (NCOFCU) , and Biz Lending & Insurance Center, Inc. to provide business lending origination programs to NCOFCU member credit unions. CUFR  will provide you with a turnkey operati...
Post a Comment
Read Complete Article HERE>»

What should your credit union budget for in 2025?

As we enter the fourth quarter, many credit union leaders are starting to turn their attention toward planning for 2025. With a myriad of options and new technology, it’s crucial to prioritize services that set credit unions apart while encouraging growth. In this article, we explore several key areas credit unions should consider when preparing their budgets for the coming year. Expanding membership One significant trend shaping the financial landscape is the exodus of big banks from rural communities . This presents a golden opportunity to expand membership to new communities. However, this expansion doesn’t necessarily require traditional brick-and-mortar branches. Credit unions can leverage technology to provide services efficiently and cost-effectively. Some alternative service delivery methods include: Interactive Teller Machines (ITMs) : These advanced ATMs allow members to interact with a live teller via video, providing a personal touc...
Post a Comment
Read Complete Article HERE>»

What Trump’s ‘one big beautiful’ tax-and-spending package means for your money!

  Trump’s megabill will bring sweeping changes for household finances. President  Donald Trump  signed his “one big beautiful” tax-and-spending package on July 4 — legislation that will bring sweeping changes to Americans’ finances.  After the  Senate passed its version  on July 1, the House Republicans on July 3  voted to approve  the multi-trillion-dollar domestic policy legislation and send it to Trump’s desk for signature. The final bill makes permanent Trump’s  2017 tax cuts  while adding new relief, including a senior “bonus” to  offset Social Security taxes  and a  bigger state and local tax deduction . The plan also has tax breaks for  tip income , overtime pay and  auto loans , among other provisions.  The GOP’s marquee legislation will also enact deep spending cuts to social safety net programs such as  Medicaid  and food stamp benefits,  end tax credits tied to clean energy  an...
Post a Comment
Read Complete Article HERE>»

Boston Firefighters Credit Union sets up fund

Posted Mar. 27, 2014 @ 7:35 pm ROSLINDALE The Boston Firefighters Credit Union has created a fund to help support the families of Lieutenant Ed Walsh and Firefighter Michael Kennedy. "In difficult times like these, I am so proud to be mayor of a city that comes together to help our neighbors in need," said Boston Mayor Martin J. Walsh. "Since yesterday's tragic events, we've experienced an outpouring of support from across the city, state, and country. So many people have expressed a willingness to help, in some way, as we grieve the loss of Lieutenant Walsh and Firefighter Kennedy." "Although no donation can heal the wounds suffered by the Walsh and Kennedy families, we are grateful to the Boston Firefighter's Credit Union for helping us create a focal point for peoples’ generosity, and to the people of Boston, of Massachusetts, and of the United States, who have once again shown the power of a community to help healing process begin." ...
Post a Comment
Read Complete Article HERE>»

Sunday Reading - How were the National Parks started?

  America's 'Best Idea'       How were the National Parks started? America's National Park System includes roughly 85 million acres of US territory, equal to the size of Germany, set aside by federal law for preservation. There are 63 areas officially designated as national parks—including the Grand Canyon, the Great Smoky Mountains, and Acadia—and more than 400 additional smaller units ( see map ). In 1872, Yellowstone was established   as the first national park dedicated to public enjoyment and recreation, though its foundation also  displaced several Native American tribes . By 1916, the growing system required the creation of the National Park Service to preserve its lands for future generations. Eventually, hunting and logging were banned in the parks, though regulated extractive activity is still permitted in nati...
Post a Comment
Read Complete Article HERE>»