Financial Institutions and Ransomware | TorchLight Security

Get ahead of attackers and protect valuable assets from impending ransomware attacks. Here are a few things that financial institutions should know about ransomware – its current trends, targets, and tactics.

Blog

Financial Institutions and Ransomware

For financial institutions, strong cyber defenses are essential. Simply following safety regulations, however, doesn’t mean institutions like banks, insurance, or investment firms are immune from attacks. For many years, financial institutions have been prime targets for cyber attacks (and especially ransomware attacks). Get ahead of attackers and protect valuable assets from impending ransomware attacks. Here are a few things that financial institutions should know about ransomware – its current trends, targets, and tactics.

Typical Attack Vectors for Financial Institutions

The potential for a high payout makes financial institutions prime targets for ransomware attacks. The disproportionate number of attacks on financial institutions rose even higher in 2021 – potentially due to the perceived decrease in security with so much of the corporate workforce still working from home. As a result, President Biden has made preventing cyber threats a main feature of his presidential agenda.

White Rabbit Attack by FIN8 on Local U.S. Bank

When analyzing a recent attack on a U.S. Bank, cyber analyst firm Trend Micro noticed a new type of ransomware called White Rabbit. They believe a threat actor called FIN8, which until recently had focused mostly on infiltration and reconnaissance, could be behind the attack and thus expanding operations into ransomware. White Rabbit uses a “pay-now-or-get-breached” scheme in which data is exfiltrated before encryption then threat actors extort victims to pay so that the stolen information is not published online. Often, threat actors also threaten to send the information to supervisory bodies and the media as well (for a double threat to privacy and reputation). What can you learn from this? Complete and comprehensive coverage can help limit the damage of stolen data or ransomware attacks.

CNA Insurance Attack

In March of 2021, the U.S. Insurance Firm CNA fell victim to a ransomware attack that disrupted the firm’s employee and customer service. It impacted corporate email and the systems and functionality of CNA’s website, leading the insurance firm to pay the hackers $40 million to regain control. The ransomware attack exposed the personal information (including names and social security numbers) of thousands of employees, contractors, and policyholders. It has prompted financial institutions and enterprises alike to ensure that they have top-level protection not only for regulated customer data, but also for employee data and internal systems.

How to Prepare for and Mitigate Attacks

For financial institutions, cyberattacks sometimes seem inevitable. However, with the right preventative measures in place the damage done can be minimized. TorchLight can help protect your organization by:

  • ​​Understanding your business’ unique needs and integrating security strategy into business strategy to make security a tool for business progress.
  • Helping to properly secure your networks, automating your backups separate from primary systems and helping with employee awareness and training.
  • Training your staff on how to recognize potential threats and what to do if a security breach is made and helping you implement a backup plan.

How can TorchLight help?

Contact us to learn what you can do to protect yourself from impending cyber threats.