'Anatomy' Of A Ransomware Attack

By Ray Birch

BALTIMORE—Credit unions should brace for almost a month of major problems if they’re victimized by a ransomware attack, according to one cybersecurity expert, whose insights into the “anatomy” of a ransomware attack are coming at the same time nearly 60 CUs are currently trying to restore their own operations.

As those credit unions have come to learn, it takes on average 22 days to get through a ransomware attack and get to the other side, that same expert stated.

That information and additional insights were shared during a webinar hosted by cybersecurity firm Think/Stack, which that was held to provide CUs with insights and answers regarding ransomware in light of the recent attack that that continues to affect those five-dozen CUs hit by an attack on a common vendor.

“We're all being targeted, and this (recent attack) could have happened to anybody,” said Cal Bowman, Think/Stack VP of client innovation and strategy, referring to an attack on the CUSO Ongoing Operations that in turn affected the data processor Fedcomp. “So, it's really important we all recognize that every one of you here has vendors, has partners that are vulnerable. Therefore, the question is, are you ready to respond to any type of large-scale event that really can cripple your organization?”

What’s Been Learned

Bowman said a goal of the webinar, which was attended by more than 300 credit unions, was to walk through what happens during a ransomware attack and share what his company has learned supporting CUs that have been victimized by such attacks.

Think/Stack VP of Security and Risk Jennifer Anthony said when a ransomware attack occurs in an organization it frequently creates the “fog of war.”

“What you will see in a generalized ransomware attack is the tactical and technical pieces that begin to happen over the first couple days,” Anthony explained.

But at the same time a credit union is seeking to find a tactical path through that fog, the emotional side of the battle must be given attention, as employees struggle to get the CU operating again, Anthony said.

“There is confusion and concern,” she said. “Maybe someone can't get on to a system they previously could access. Maybe there's a service that's not working and folks are starting to feel confused about what's going on. All this is happening as your technical teams in the background are beginning to quickly investigate the source of the problem.”

Anthony emphasized a credit union involved in a ransomware attack should be prepared to spend at least three weeks dealing with it.

The Internal Threat

As CUToday.info has reported and as credit unions are frequently warned, ransomware attacks often occur due to an employee opening the door by falling for a phishing scam or downloading a file they believe to be safe.

“This is a function of human performance,” she noted. “We all begin to look for who's at fault, who did something they were not supposed to do that caused this. What we tell organizations is that when you get caught in that space, you should not spend a lot of time trying to figure out who to point the finger at, (but instead spend) time trying to figure out how to get out of the situation.”

Not surprisingly, Anthony described the working environment following an attack as “chaotic.”

‘Everyone’s Scared’

“Everyone's scared. We're not sure what's going on and maybe we have members who are really angry. Maybe we have board members that are really angry, or leaders that are really angry,” she said. “The goal at this point is to figure out how to get past it. We'll figure out who's to blame or what's to blame, or how we can prevent it in the future at a later point.”

It's an issue credit unions should take seriously, according to Anthony, who said there is a growing ransomware threat to the not-for-profit co-ops.

“In the last seven months we worked with six credit unions who individually found themselves in this space,” she said. “This is something that's happening on a regular basis, across all industries.”

Anthony reminded that as the credit union moves through a ransomware incident many employees will be feelin remorse and concern over fellow workers in IT who are working feverishly to restore operations.

“They feel like they are at fault for what is going on, and that is a very difficult place to be,” she said. “The technical teams are trying to figure out how to remediate the situation. I've been in organizations where technical teams are working nonstop, around the clock, for days and days. The credit union then is trying to figure out how do we feed people? How are we going to send people home to sleep so they can come back and be effective—because you are in this fight for a long time and there is a lot of pressure on everyone.”

Like Being in a Battle

Anthony likened the experience to those who fight in a war.

“I spent 20 years in the in the United States military, and this is a roller coaster akin to what a service member might experience in their daily lives—and this can be traumatic,” she said.

She urged credit unions to consider where they are vulnerable.

“We know 93% of ransomware attacks are in Windows-based environment,” she said. “If we listed them in order of frequency of occurrence, how they occur, here's what they would be: Number one is e-mail phishing campaigns. Number two would be (remote desktop protocol or RDP) vulnerabilities. And number three would be software vulnerabilities.”

The Long-Term Affects

While those 22 days are the typical time from attack to restoration of service, Anthony said the repercussions are felt for many months afterward.

“With the recovery efforts and return to operation, the average time for an organization to move through that is about nine months,” she said. “The attack is not the only thing organizations have to grapple with; there are follow-on impacts that are significant. If you're an organization that has about 500 employees, your average recovery cost is going to be about $3.1 million. If an attacker is successful in extracting information from your environment, you'll have to deal with the impacts of that.”

Steps to Take

What steps should credit unions take today to prevent an attack? CUToday.info will share those in a follow-up report.

Comments

Syracuse Fire Department Credit Union

Remember, you're not alone with NCOFCU.org Join/Upgrade Check out some of NCOFCU's additional features: First Responder Credit Union Academy Financial Literacy Podcasts YouTube Mini's Blog Job Board

Read Complete Article HERE>»

Happy Holidays To All Who Serve

Happy Holidays To All Who Serve 12/22/2025 10:28 am By Grant Sheehan and Anthony Hernandez Every year, many Americans celebrate the joy of family and relief from work the holidays bring. Apart from the hustle and bustle, the holiday season is a special time to be with loved ones, engaging in family traditions and rituals, and making memories that will last a lifetime. However, not everyone gets to partake in the holiday gatherings. There are over a hundred thousand military members serving in harm’s way or in 24-hour command center...

Read Complete Article HERE>»

Next Gen of Payments Could Leave ACH System Behind, Bank CEO Cautions

NEW YORK–The next generation of payments could leave the Automated Clearing House (ACH) system behind as stablecoins and tokenized deposits move into the banking core, according to one bank CEO. Custodia Bank CEO Caitlin Long said during a discussion with TheStreet Roundtable host Scott Melker that the “tokenized dollars are going to be big. Yes, there’s a distinction between tokenized bank deposits and stablecoins. Yes, right now, all the activity is in stablecoins, but we’re going to link the two in a safe and sound way.” During the discussion, Long cited Citi’s upgraded forecast for the sector, which now projects between $3 trillion and $4 trillion in stablecoins outstanding by 2030, according to Yahoo Finance, which noted Long believes even that range is far too conservative. “Those numbers are still too low,” she said. “I think they’re way too low.” According to Long, the innovation lies in embedding blockchain technology directly into the banking infrastructure rath...

Read Complete Article HERE>»

Is another housing bubble brewing?

While there have been fears expressed by some of a repeat of the housing bubble that led to the housing crisis just over a decade ago, numerous real estate analysts say they believe the market fundamentals are much stronger now and that the sharp increase in home prices reflects low rates, a lack of inventory, and demographics. To be sure, the market is hot in many markets, with home sellers receiving multiple cash offers, often over the listed price, on homes. Some analysts, including those at Swiss banking giant UBS, have published charts showing how home prices are outstripping both wages and rents, reported USA Today. Home prices have appreciated more than 60% since November 2012, incomes have only appreciated by 20% and rents by 30% over the same time period, the report added. “But unlike the real estate boom that led to the Great Recession, this nationwide price spike is not being fueled by a wholesale collapse in lender ethics,” USA Today reported “There aren't any low-doc o...

Read Complete Article HERE>»

Sunday Reading - The gold standard, explained

Gold Standard The gold standard, explained A gold standard is a system where a country’s currency is pegged to, and can be converted into, a fixed amount of gold. It’s typically meant to create a sense of security in the country’s currency: When a government uses a gold standard , its currency can be exchanged for an equivalent amount of gold—although regulations around redemption vary by country. After the Civil War, in 1873, America adopted the gold standard for the first time. At the time, if gold was priced at $100 an ounce, each dollar rep...

Read Complete Article HERE>»

Email and Text Message Etiquette

As we navigate our everyday communications, I want to emphasize the importance of practicing good email and text message etiquette. This enhances clarity and ensures that everyone feels respected and valued in our interactions. Email Etiquette: 1. Use a Clear Subject Line: A subject line that accurately reflects the content of your email will help recipients know what to expect. 2. Greet Appropriately: Start with an appropriate greeting, such as "Dear [Name]", "Hello [Name]," or "Hi [Name], which sets a positive tone. 3. Acknowledge Receipt: If you receive an email that requires a response, action, or information, please acknowledge its receipt. A simple reply confirming that you have received the email helps the sender know their message was received and provides an opportunity to clarify expectations. 4. Be Concise: Keep your emails clear and to the point. Avoid excessive details unless necessary. 5. Professional Language: Use respectful and professional l...

Read Complete Article HERE>»

NAFCU Economist: U.S. Might Dodge Recession

Curt Long said a strong jobs report shows resilience despite the Fed’s escalation in interest rates. By Jim DuPlessis | January 06, 2023 CUTimes Source: Shutterstock. NAFCU Chief Economist Curt Long said Friday the continued strength in the job market has increased the odds the nation will dodge a recession this year. The U.S. Bureau of Labor Statistics reported Friday there were 153.7 million seasonally adjusted jobs in December, an increase of 223,000, or 0.1%, from November and up 3% from a year earlier. The unemployment rate was 3.5% in December, down from 3.6% in November and 3.9% in December 2021. Long said December’s rate was the lowest in more than 50 years, while the labor force participation rate rose slightly. Seasonally adjusted average hourly earnings were $32.82 in December, up 0.3% from November and up 4.6% from a year ago, a slightly lower rate of increase from previous months. Curt Long “This is an unambiguously positiv...

Read Complete Article HERE>»

With Up to 30% of Workforce to be Laid Off, Union Says ACU Refusing to Engage; Says Portion of CEO’s Salary Could be Used to Maintain Jobs

N, Wis. – America’s Credit Unions, the trade group formerly known as CUNA prior to its merger with NAFCU, plans to lay off up to 30% of its workforce in Madison, Wis., according to the Office and Professional Employees International Union (OPEIU) Local 39. As CUToday.info reported earlier, the trade group filed a notice with Wisconsin’s Department of Workforce Development on January 12 of this year. OPEIU noted America’s Credit Union’s had cc’d Madison Mayor Satya Rhodes-Conway on the notice, adding, “This is a difficult decision, and we appreciate any assistance you may provide to our employees in this difficult period with their job search and transition.” According to OPEIU 39, America’s Credit Unions has refused to meet or provide any detai...

Read Complete Article HERE>»

Are You Ready for the Next Wave of Mergers & Acquisitions?

Remember you are not alone with NCOFCU! If you are consedering a merger reach out to us to see if we can't keep you within the first responder credit union network. ceo@ncofcu.org - 305.951.3306 ALM First shares key lessons and advice from credit unions with merger and community bank acquisition experience. By David Ritter & By Brandon Pelletier | April 10, 2024 at 09:00 AM Credit/Shutterstock With the pace of industry mergers already ramping up in 2024 and projected to increase, it's more important than ever for credit unions to have a predefined M&A strategy and be ready for the inevitable calls from prospective partner organizations. Here, we'll share key lessons and advice from cooperatives that have merger experience with other credit unions and acquisition experience with community banks to help your team prepare. Define Your Vision and Evaluation Criteria ...

Read Complete Article HERE>»

One Group of Competitors Has $3 Average OD Fee

By Ray Birch LAKE FOREST, Ill.—A new study suggests credit unions should be less concerned about what big banks are doing with overdrafts and instead focus their attention on fintechs. A new report from Moebs $ervices reveals fintechs continue to grab an even greater share of the checking market, and a big reason is a $3 average overdraft fee combined with targeted marketing. “Fintechs are raking in the checking market share by going after those consumers who seldom overdraw but do so enough to add to profitability,” explained Michael Moebs, economist and chair of Moebs $ervices. “Fintechs are targeting, with one checking account, people with higher FICO scores. This is not what CUs, banks and thrifts are doing. Plus, most of the fintechs will pay interest on their checking account. It is classical financial services pricing— using fees, rates and balances.” ...

Read Complete Article HERE>»

First-responder Credit Union Newsroom

Search This Blog