bigstock-Man-Paying-Ransom-To-Black-Hat-121432013.jpgThe headlines seem to be consistently on the scroll: “Ransomware Attacks on the Rise” or “Company X Held Hostage by Hackers.”  What’s disturbing with these headlines is that what started off as a consumer problem is now hammering at businesses. What’s even more disturbing is that most security experts agree that it’s almost impossible to recover data that might have been encrypted in a ransomware attack without access to the decryption keys, or to a backup copy of the affected data so companies are forced to pay up to get their data back.

Ransomware attacks occur when online extortionists encrypt data on a victim’s computer and then demand a fee for unlocking it. This type of cyber crime is rapidly expanding and wreaking havoc along the way.

According to cybersecurity expert Richard Carberry, Cybercriminals’ use of ransomware, such as Locky, CryptoLocker and CryptoWall, saw tremendous growth in 2015, a trend that McAfee Labs predicted will escalate among financial institutions and local governments in 2016.

He goes on to explain that ransomware is malicious software that infects computers and then proceeds to encrypt data on the hard drive, primarily files from applications such as Microsoft Excel and Word. It can then spread its mayhem across mapped network shares to critical files on company servers. Organizations receive a pop-up or locked screen saver that provides instructions on how to pay a ransom, generally using an online payment system such as Bitcoin. After receiving payment, the criminals send victims the private key(s) to decrypt locked files and recover from a very effective denial of service attack and loss of access to customer data.

Carberry suggests having good backups of critical data is an effective mitigation strategy to recover from these attacks. But the newer, more sophisticated variants of ransomware are starting to encrypt data across unmapped network shares, which could end up encrypting network-accessible data backups. To combat this, backup data should be air-gapped from the network, not stored on hardware connected to the Internet.

Credit unions have already been victimized by ransomware infections but, fortunately, were able to recover by using backups. Not everyone is so well prepared, and many businesses and government entities have had to pay to recover their data.

Prevention is key. Credit unions should have disaster recovery measures in place for blocking the threat and for easing the damage to the extent possible. Have you done your due diligence in choosing vendors for your credit union core technology and IT systems that are capable of handling disasters, ones that you can trust, and will pay off when issues arise so you don’t have to pay off an extortionist?

Get the Complete Testimonial on Disaster Recovery for your CU

Topics: Disaster Recovery

Recent Posts

Posts by Topic

see all topics
FLEX will improve your system efficiency.