Skip to main content

What You Can Do About Ransomware Threat

By Ray Birch

RANCHO CUCAMONGA, Calif.—In the wake of a ransomware attack that shut down 60 credit unions, cyber security experts are warning many CUs are just one compromised key supplier away from being shut down, too. It’s a growing threat they say can have numerous  downstream effects on many organizations.

No institution is immune, and the best line of defense remains educating employees on how to avoid making mistakes that place a credit union, CUSO or vendor right into the hands of criminals.

“Co-op Solutions views ransomware attacks as an industry-wide threat that will continue for the foreseeable future with two main threat areas of concern,” said Christopher Williams, deputy chief information security officer at Co-op.

Feature Ransomware

The two areas of concern, according to Williams, are Ransomware-as-a-Service (RaaS) models and cyber supply chain threats.

A Proliferating Model

“With the RaaS model, an attacker doesn’t need to develop their own ransomware capability to turn a system compromise into a ransomware attack. This model has proliferated the cybercrime world. The model can quickly incorporate new tactics, techniques and procedures (TTPs) to be used by a wide range of threat actors,” he said. “The second threat area is the cyber supply chain. Attacks against key suppliers have a ripple effect across the supplier’s client-base. Many companies are one compromised key supplier away from a business crippling service impact.”

How to Respond

wlliams

Christopher Williams

Given that growing threat, what should credit unions be doing now?

“Credit unions should continue to educate their employees on the risk of ransomware attacks and the methods used to gain initial unauthorized access,” Williams advised. “Phishing remains a top attack vector, and social engineering of the service or help desk to compromise user credentials is on the rise.”

Credit unions also need to have robust backup capability—restoring to a clean and non-infected copy of system data, Williams added.

“That can help with the recovery of a ransomware attack,” he said. “In addition, they should become active members of the local area U.S. Secret Service Electronic Crimes Task Forces (ECTF) or Financial Crimes Task Forces (FCTF), which can provide advice in preventing attacks and support during suspected or actual attacks. In addition, monitor threat intelligence type sources for indications of attacks against their organizations or their vendors and new TTPs being used by attackers.

“Finally, practice the incident response to a ransomware attack. Drilling the panic and unknowns out of the process will help increase the chance of a successful recovery if an actual attack occurs,” he said.

The Good News? CUs Not Alone

Jim Stickley, CEO of Stickley on Security, said credit unions are one of many industries being affected by ransomware.

“I am not certain that ransomware is specific (to any organization), and credit unions and fintechs are just part of the much bigger picture of the state of ransomware in general,” said Stickley, who is also CEO of Troy, Mich.-based Mahalo Technologies. “Most people have this idea that cybercriminals are targeting a specific business type. While it’s true that healthcare and education are targeted directly and we also see banks and credit unions get targeted, when it comes to more general business, such as fintechs, we have not seen that level of direct attacks. Instead, what you see is employees who fall victim to phishing attacks or malicious websites.”

‘Average’ People, Not an Average Website

Stickley said when those incidents are investigated, what’s all-to-often discovered is that it was a phishing email that had been sent to hundreds of thousands of organizations that is the culprit, often in in the guise of te malicious websites that have been promoted though malvertising to “average” people. 

stickleyJim

Jim Stickley

“In these cases it’s just the low-hanging fruit. If an employee clicks the link, opens the attachment or browses to malicious sites, they open the door to the criminals. The criminals really don’t care if that organization is fintech, credit union or other business segment,” said Stickley, adding adding he does not believe the recent attack that hit DP vendor Fedcomp and than affected 60 credit unions had any company or credit union as a specific target.

“For criminals, there is little need to put a direct focus on fintech at this time since just about every business entity has similar value and so they will continue to cast a very wide net and whoever gets caught up will be their next victim,” he said.

Advice Shared

For credit unions looking to take some practical steps to defend themselves from ransomware, TruStage is sharing some strategies.

“Responding to the immediate threat of a ransomware attack or any cyber incident in a timely manner is critical to minimize data loss, contain the threat and restore operations,” Chris Gill, TruStage senior manager, risk and compliance solutions, told CUToday.info. “This is true even when that threat originates with a credit union’s third-party service provider or partner. Security incidents that do not originate at a credit union can still have a large impact on credit unions’ operations and reputation.”

Noting the affects such attacks have on member service, Gill added, “It reminds us all of the importance of having strong controls in place to minimize exposure, and to have a comprehensive business resiliency plan that is regularly tested and updated.”

Comments

Post a Comment

Please no profanity or political comments.

Popular posts from this blog

'Tis the season for fraud! Teller questions if member fraud is suspected.

  When a credit union employee suspects a member may be subject to fraud, they should initiate a careful conversation focusing on the nature of the transaction and external influences. The goal is to help the member identify red flags without the employee asking for sensitive personal information that the credit union should already have on file.  Initial Verification Questions    .pdf Before discussing the specifics of the suspicious activity, the employee should confirm the member's identity in accordance with established internal protocols.  Questions About the Transaction/Activity If the member confirms they are conducting a suspicious transaction (e.g., a large wire transfer or purchase of gift cards ), the employee should ask questions to help the member pause and think critically:  "What is the purpose of this transaction?" "Do you personally know the person or business you are sending money to?" "Have you ever met the...
Post a Comment
Read Complete Article HERE>»

Have a Safe and Happy Thanksgiving!

    Thanksgiving, is a day when we pause to give thanks for what we have! www. NCOFCU .org   Have a Safe a...
Post a Comment
Read Complete Article HERE>»

Loan Growth Part 3

MADISON, Wis.–Credit union loan balances rose 1.1% in February, faster than the 0.2% reported in February 2021, even as membership growth slowed significantly during the first two months of 2022, according to data released as part of CUNA Mutual’s April Trends Report. The Report, which is based on data through February, showed overall loan growth was 9.6% during the last 12 months. What is actually happening below the surface? According to the Trends Report, consistent with the trend line the analysis shows large credit unions reported significantly faster loan growth in 2021 as compared to smaller credit unions. Credit unions with assets greater than $1 billion reported loan growth of 8.4% compared to credit unions with assets less than $20 million, reporting loan growth of 0.9%. Here's a look at how credit unions performed by category, according to the newest Trends Report” ...
Post a Comment
Read Complete Article HERE>»

Fed cuts interest rates for the second time this year

The Federal Reserve on Wednesday lowered interest rates for the second time this year in a continued bid to prevent unemployment from surging. Fed officials voted for another quarter-point rate cut, lowering their benchmark lending rate to a range between 3.75% and 4%, the lowest in three years. It is the first time since the Fed’s rate-setting committee was established in the 1930s that officials have set monetary policy while lacking an entire month of crucial government employment data due to a government shutdown. ____________________________________ Check out NCOFCU's additional features: First Responder Credit Union Academy Podcasts YouTube Mini's Blog Job Board
Post a Comment
Read Complete Article HERE>»

Banking During and After COVID-19

Before COVID-19, the banking industry was experiencing an unprecedented period of growth and prosperity. Despite increasing consumer expectations and increased competition from non-traditional financial institutions, most banks and credit unions were stronger than at any period since the financial crisis of 2008. In a matter of only a few weeks, the world of banking has experienced a level of disruption that will change everything that had been the norm in financial services. There has not only been a major change in the way financial institutions conduct business but in the way, employees do their work and the way consumers manage their finances. Banks and credit unions must use this time of disruption to consider reinventing themselves from the inside out. It is a time when we need to better understand the way consumers expect their financial institution to support their financial needs. This includes the way banks and credit unions use data, AI, technology and human resources t...
Post a Comment
Read Complete Article HERE>»

Two Members of FOMC Indicate December Rate Cut Not a Sure Thing

  WASHINGTON–Two members of the Fed’s Open Market Committee have indicated they are in no hurry to further cut rates, despite market expectations. “I’m not decided going into the December meeting” and “my threshold for cutting is a little bit higher than it was at the last two meetings,” Federal Reserve Bank of Chicago President Austan Goolsbee said in a Yahoo Finance interview. “I am nervous about the inflation side of the ledger, where you’ve seen inflation above the target for four and a half years, and it’s trending the wrong way.” Goolsbee was interviewed after last week’s Federal Open Market Committee meeting that saw policymakers cut their interest rate target by a quarter percentage point, to between 3.75% and 4%, as officials sought to offset rising risks to the job market while still keeping interest rates in a position where they’ll help lower inflation pressures, noted Yahoo Finance. As the report also noted, Fed Chair Jerome Powell cautioned last week that “a further r...
Post a Comment
Read Complete Article HERE>»

CUs Encouraged to Promote Automatic Savings Plans

America Saves Week and Military Saves Week kick off this weekend. The week-long, national campaigns will begin Feb. 19 with events that aim to unite government, nonprofit and corporate groups to encourage individuals and families to save and build personal wealth. This year’s campaign theme – “Set Goals, Make a Plan, Save Automatically” – promotes the need for families to get aggressive with automatic savings.****READ MORE: CUs Encouraged to Promote Automatic Savings Plans :
Post a Comment
Read Complete Article HERE>»

Not Your Mother’s Credit Union

“Stablecoins aren’t a speculative play. They’re the next evolution of payments — and a chance for credit unions to lead, not lag. It starts with connecting members to DLT rails - the digital wallet. Without that, nothing else can happen. It’s just a new payment rail - embrace it or lose the relationship. It’s that simple.” While ‘ stablecoins ’ were the prevailing buzzword across Money20/20 this year, the credit union industry had a significant presence. Small financial institutions have staked a place in the future of payments. Credit unions  received a significant boost this summer with the enactment of the stablecoin bill into law. The Guiding and Establishing National Innovation for U.S. Stablecoins Act authorizes subsidiaries of federally insured credit unions, such as credit union service organizations, to become issuers. Not Your Mother’s Credit Union A Money20/20  fireside chat  with the regulator for credit unions that I moderated focused on the rulemaking task a...
Post a Comment
Read Complete Article HERE>»

Lifesaving Companion Dog Takes On New Role With Injured Firefighter « CBS New York

Lifesaving Companion Dog Takes On New Role With Injured Firefighter « CBS New York : "NEW YORK (CBSNewYork) — A badly injured New York firefighter received a companion dog whose already saved people’s lives from fire. As CBS2’s Dave Carlin reported, disabled firefighter Tom Prin beamed as he was officially presented with his new canine companion Halona inside of a packed ceremony in Suffolk County. The former firefighter was one of 15 people receiving their canine companions. Prin was chosen because of what he’s been through — after fracturing his neck and back while responding to a Brooklyn fire. “When I was going from the third to fourth floor, the steps gave out and I fell through the fire escape,” he said. Prin has endured five spinal surgeries, but the Holtsville man will now be comforted by Halona who has quite the lifesaving resume herself." Click HERE to read full story and see video 'via Blog this'
Post a Comment
Read Complete Article HERE>»