Skip to main content

What You Can Do About Ransomware Threat

By Ray Birch

RANCHO CUCAMONGA, Calif.—In the wake of a ransomware attack that shut down 60 credit unions, cyber security experts are warning many CUs are just one compromised key supplier away from being shut down, too. It’s a growing threat they say can have numerous  downstream effects on many organizations.

No institution is immune, and the best line of defense remains educating employees on how to avoid making mistakes that place a credit union, CUSO or vendor right into the hands of criminals.

“Co-op Solutions views ransomware attacks as an industry-wide threat that will continue for the foreseeable future with two main threat areas of concern,” said Christopher Williams, deputy chief information security officer at Co-op.

Feature Ransomware

The two areas of concern, according to Williams, are Ransomware-as-a-Service (RaaS) models and cyber supply chain threats.

A Proliferating Model

“With the RaaS model, an attacker doesn’t need to develop their own ransomware capability to turn a system compromise into a ransomware attack. This model has proliferated the cybercrime world. The model can quickly incorporate new tactics, techniques and procedures (TTPs) to be used by a wide range of threat actors,” he said. “The second threat area is the cyber supply chain. Attacks against key suppliers have a ripple effect across the supplier’s client-base. Many companies are one compromised key supplier away from a business crippling service impact.”

How to Respond

wlliams

Christopher Williams

Given that growing threat, what should credit unions be doing now?

“Credit unions should continue to educate their employees on the risk of ransomware attacks and the methods used to gain initial unauthorized access,” Williams advised. “Phishing remains a top attack vector, and social engineering of the service or help desk to compromise user credentials is on the rise.”

Credit unions also need to have robust backup capability—restoring to a clean and non-infected copy of system data, Williams added.

“That can help with the recovery of a ransomware attack,” he said. “In addition, they should become active members of the local area U.S. Secret Service Electronic Crimes Task Forces (ECTF) or Financial Crimes Task Forces (FCTF), which can provide advice in preventing attacks and support during suspected or actual attacks. In addition, monitor threat intelligence type sources for indications of attacks against their organizations or their vendors and new TTPs being used by attackers.

“Finally, practice the incident response to a ransomware attack. Drilling the panic and unknowns out of the process will help increase the chance of a successful recovery if an actual attack occurs,” he said.

The Good News? CUs Not Alone

Jim Stickley, CEO of Stickley on Security, said credit unions are one of many industries being affected by ransomware.

“I am not certain that ransomware is specific (to any organization), and credit unions and fintechs are just part of the much bigger picture of the state of ransomware in general,” said Stickley, who is also CEO of Troy, Mich.-based Mahalo Technologies. “Most people have this idea that cybercriminals are targeting a specific business type. While it’s true that healthcare and education are targeted directly and we also see banks and credit unions get targeted, when it comes to more general business, such as fintechs, we have not seen that level of direct attacks. Instead, what you see is employees who fall victim to phishing attacks or malicious websites.”

‘Average’ People, Not an Average Website

Stickley said when those incidents are investigated, what’s all-to-often discovered is that it was a phishing email that had been sent to hundreds of thousands of organizations that is the culprit, often in in the guise of te malicious websites that have been promoted though malvertising to “average” people. 

stickleyJim

Jim Stickley

“In these cases it’s just the low-hanging fruit. If an employee clicks the link, opens the attachment or browses to malicious sites, they open the door to the criminals. The criminals really don’t care if that organization is fintech, credit union or other business segment,” said Stickley, adding adding he does not believe the recent attack that hit DP vendor Fedcomp and than affected 60 credit unions had any company or credit union as a specific target.

“For criminals, there is little need to put a direct focus on fintech at this time since just about every business entity has similar value and so they will continue to cast a very wide net and whoever gets caught up will be their next victim,” he said.

Advice Shared

For credit unions looking to take some practical steps to defend themselves from ransomware, TruStage is sharing some strategies.

“Responding to the immediate threat of a ransomware attack or any cyber incident in a timely manner is critical to minimize data loss, contain the threat and restore operations,” Chris Gill, TruStage senior manager, risk and compliance solutions, told CUToday.info. “This is true even when that threat originates with a credit union’s third-party service provider or partner. Security incidents that do not originate at a credit union can still have a large impact on credit unions’ operations and reputation.”

Noting the affects such attacks have on member service, Gill added, “It reminds us all of the importance of having strong controls in place to minimize exposure, and to have a comprehensive business resiliency plan that is regularly tested and updated.”

Comments

Popular posts from this blog

Without President’s Signature, ROAD to Housing Act Becomes Law; Includes CU Board Modernization Act

WASHINGTON — The bipartisan 21st Century ROAD to Housing Act became law Friday without President Donald Trump’s signature after the president allowed the measure to take effect while Congress remained in session, choosing not to sign it in protest over the Senate’s failure to advance separate voter identification legislation.  The legislation includes the Credit Union Board Modernization Act, which reduces the frequency with which credit unions must meet and which had strong support from the credit union trade groups.  Trump announced on social media that he would not sign the housing package because the Senate had not passed the SAVE America Act, a measure he has championed requiring proof of citizenship for voter registration. Under the Constitution, a bill becomes law if the president neither signs nor vetoes it within 10 days, excluding Sundays, while Congress is in session.  Scott Simpson ‘Steadfast in Commitment’ “America’s Credit Unions, our league partners, and cr...

Invest in Education - Invest in Tomorrow

 

Inflation Cools in June Report, But One CU Economist Says There’s One Reason–And it Could Change

WASHINGTON — U.S. consumer inflation cooled more than expected in June, offering relief after several months of elevated price pressures, though economists cautioned the improvement could prove temporary as renewed geopolitical tensions threaten to push energy prices higher. The Consumer Price Index fell 0.4% in June on a seasonally adjusted basis, the largest monthly decline since April 2020, after rising 0.5% in May, according to data released Tuesday by the Bureau of Labor Statistics . Compared with a year earlier, consumer prices rose 3.5%, down from 4.2% in May.  Foot off the Gas Dawit Kebede “Falling gas prices led June’s decline and pulled headline inflation lower year-over-year. Renewed hostilities could complicate the energy picture ahead, and a reversal in gasoline costs would be the most likely channel for that pressure to show up,” said America’s Credit Unions Senior Economist Dawit Kebede. “But softening core prices point to broader-based moderation, suggesting the ea...

What You Might Not Know About July 4th.

White Paper from WOCCU Examines How Stablecoins are Reshaping Financial Infrastructure

WASHINGTON– World Council of Credit Unions (WOCCU) has released a new white paper that examines how stablecoins are reshaping the financial infrastructure that credit unions and other cooperative financial institutions rely on to serve their members.  According to WOCCU, the white paper, How Digital Money Is Impacting Credit Unions, Part 1: Focus on Stablecoins , is the first in a planned three-part series exploring how emerging forms of digital money are affecting the global credit union movement.  “The report begins by noting that stablecoins are no longer a niche fintech development, but part of a broader structural shift in how money is stored, moved and regulated,” WOCCU explained. “As commercial banks, payment networks, technology firms and retailers build stablecoin offerings or integrate stablecoin rails into their platforms, credit unions must consider how these changes could affect deposits, payments, member relationships and long-term institutional relevance.” For ...

NCUA Tells FICUs Crypto Trading is OK — If Big Exchanges Provide the Service

When it comes to reading between the lines of financial regulators’ advisory letters, tone matters. Take last week’s letter from the National Credit Union Administration (NCUA) which gave the federally insured credit unions (FICUs) it oversees permission to partner with digital asset providers to allow retail customers to buy, sell and trade in cryptocurrencies. Now compare it to the one issued by Comptroller of the Currency Michael Hsu’s agency to the national banks and federal savings associations it regulates a month earlier. On the surface, both said much the same thing: Financial institutions can provide cryptocurrency services (albeit with some notable differences: the OCC’s letter dealt with more back-end services, including custody services as well as holding and using dollar-pegged stablecoins for transaction settlement). Neither was enthusiastic. The NCUA’s letter said it “does not prohibit FICUs from establishing these relationships” — which is not as enthusiastic as “are a...

Emerging Risks and How to Mitigate Them

5 Emerging Risks and How to Mitigate Them With each technological advance emerges new risk. Think about it: Every technology upgrade, new mobile device and new payment method brings exposure that wasn’t identified previously. The real threat occurs when these risks aren’t anticipated or communicated within your organization. Here are five emerging risks every credit union should have on their radar right now: Social media. Employees posting comments on social media that are inaccurate or appear incomplete or disparaging can threaten your organization’s reputation. Be careful when taking disciplinary action, as the National Labor Relations Board can classify social media activity as “protected concerted activity.” Mistakes here can lead to retaliation, wrongful termination claims and expensive litigation. Internet of Things (IoT) era . The IoT offers new tools and technologies that provide constant connectivity. It also creates new opportunities for data compromises. Workplace ...

Houston Texas Fire Fighters Federal Credit Union Disaster Relief Fund

Houston Texas Fire Fighters Federal  Credit Union Disaster Relief Fund   The National Council of Firefighter Credit Unions Inc (NCOFCU) has established a Disaster Relief Fund which will contribute directly to the Houston Texas Fire Fighters Federal Credit Union. The fund's donations will be used to assist in the rebuilding efforts of their staff and volunteers. Many of the staff and volunteers have suffered sufficient losses if not total losses to their homes and property due to the heavy rains and flooding in the past week. If you or your credit union/organization would like to contribute directly to Houston Texas Fire Fighters Federal  Credit Union through our fund to further assist in their recovery, please use the following links. Ways to Give     Mail in Pledge Form      On-Line Contribution Form *The National Council of Firefighter Credit Unions, Inc. (NCOFCU) is a non-profit, 501(c) (3) charitable organization. Donors ...

The Federal Reserve has opted to make no changes in interest rates

WASHINGTON–The Federal Reserve has opted to make no changes in interest rates following the conclusion of its meeting here, but it has indicated it could move as soon as next month to cut rates if the United States and China isn’t able to find ways to resolve their trade dispute. As a result,  For now, the Fed left its short-term rate at a range of 2.25% to 2.5%. Eight of the 17 votings, Fed policymakers did predict there could be as a half percentage point decline in rates in 2019. In a statement following its meeting, the Fed did dial down a bit its forecast for the economy.   “In light of these uncertainties and muted inflation pressures, the FOMC will closely monitor the implications of incoming information for the economic outlook and will act as appropriate to sustain the expansion, with a strong labor market” and inflation near the Fed’s 2% goal,” the Fed said.  Fed Chairman Jerome Powell in recent interviews has expressed concerns over what he ...

New GDP Data is ‘Positive,’ Clouds Clearing, Says NAFCU Economist

WASHINGTON–Although discussion and forecasts continue to focus on a recession in the U.S. economy, economic growth remained solid at the end of 2022, according to new federal data. Curt Long The Commerce Department said U.S. gross domestic product, adjusted for inflation, increased at an annual rate of 2.9% in the fourth quarter of 2022, down slightly from a 3.2% growth rate in the Q3. Consumer spending grew at a 2.1% rate, according to the Commerce Department data, which will be revised at a later date. “The big picture view of economic growth in the fourth quarter is a positive one,” said NAFCU Chief Economist and VP-Research Curt Long. “Much of that grow...