800%. That’s how much cyberattacks have increased in 2020 as compared to last year, according to the FBI.
Here’s another shocking statement enough to keep you awake at night:
9 out of 10 financial institutions are targeted by ransomware attacks.
That’s almost all banks and financial institutions. One firm reported that cyberattack could be the largest threat to the world as we know it. And we aren’t even getting started on it yet.
So, no more bank robberies as shown in Money Heist. They are left only for entertaining viewers in movies and seasons. Today’s robbers are ransomware attackers, far more dangerous than any ordinary group of robbers attempting a massive bank robbery.
On the New Year Eve of 2019, while people were busy in celebrations around the globe, a certain group of hackers was all set for their own new year resolutions. Travelex, a UK based currency exchange business had to halt its operations to ground due to a network wide ransomware attack. RYUK cybercriminals demanded a hefty ransom to stop them from publishing customer data online.
The company had to take down its websites and entire network in over 30 countries worldwide, leaving hundreds of thousands of customers stranded without local currency. This disruption wasn’t also felt by customers, but also by banks and other businesses relying on Travelex’s currency exchange services.
With an explosion in the number of ransomware attacks, hackers aren’t sparing any company, big or small. So while you use your favorite modes of cashless payments such as transferring funds, shopping online, and paying bills, remember that you’re constantly under the threat of having your money vanished from the bank account.
Why are banks a lucrative target?
It’s simple! Truckloads of money. Hackers and bankers, both know how much money financial corporations and institutions have. There is a huge potential of “rewards” for cybercriminals holding a bank ransom.
Hackers behind the RYUK and Sodinokibi Ransomware variants are known for targeting the big fish because payouts are equally big. Banks would never want sensitive data such as usernames, passwords, credit card numbers and other details in the hands of these criminals. Banks would pay top bucks to get their encrypted data back and force criminals not to release any of the data.
Just last month, A Chilean bank had no other option but to shut down its entire operation for several days. You guessed it right, another RYUK ransomware attack.
And despite all the warnings, an employee opened an email containing an Office document, which went on to install a backdoor at the bank’s network. No cyberattack takes place the moment an email is opened. Instead, cybercriminals install a backdoor, monitor keystrokes and entire activity, and slowly but steadily start encrypting data before going all in on a ransom attack.
It took several days for the bank to clean up their network, during which their services remained disrupted.
How can banks prevent a ransomware attack?
If there is one thing we know for sure in 2020, it’d be a staggering rise in 5th generation warfare. Banks, financial institutions, COVID19 vaccine research laboratories, pharmaceutical companies and city governments all have had their fair share of network breaches and tarnished reputation.
While there isn’t a surefire method of remaining 100% safe from these criminals, there are steps banks need to take to safeguard their data. These steps aren’t in the form of an advice, rather should be seen as a proper plan to combat ransomware attacks:
Invest in Cybersecurity training of employees
The Chilean bank ransomware case happened because an employee opened a genuine-looking email containing an Office document.
We won’t blame employees for opening up malicious links. It just isn’t their fault. Banks communicate with customers and employees most of the time through email. And with an ever-increasing pressure, no employee can individually ensure the email they’re opening is from a legitimate source or not.
They were never trained in the first place to practice cyber hygiene in their offices. Having a cybersecurity firm on board is an excellent way to come up with a viable policy and employee training initiative.
Users need to be trained and educated on how to identify a suspicious-looking email, even if it takes time to confirm the sender has sent it. A Whatsapp message or call can be made to the original sender confirming if the sender has sent it. The language of a suspicious-looking email seems to be written in haste by an average English-speaking person. While the content of these emails have improved significantly making it difficult for an average Joe to determine the authenticity of the sender, there are still hidden signs the receiver needs to be looked for.
For example, a colleague who has never spoken to you in months won’t send an email forcing you to download and open an office document containing surprise information about your workplace.
Restricting access to files
Not every user needs to have admin privileges to customer data. In a highly likely case of a user getting compromised, the risk of infection shall be limited when the user has limited file-restricted and data access.
Strong firewall and anti-malware
Several corporations such as Nixdorf and Cognizant provide banking centric software for marketing, operations, ATM, and digital banking. Banks need to get software designed and developed according to their needs with several layers of security, making it extremely hard for hackers to break in.
There is no need for bank employees to download torrents or watch movies at the workplace from a site that streams pirated titles. It only increases the chances of getting infected. Limited internet browsing activities should do the heavy lifting of automatically blocking unnecessary websites at an office system.
Quick Recovery solutions
While many corporations can get away with an attack by paying the ransom, the case is quite complicated with banks. The customer data held with banks isn’t just limited to usernames or passwords. In an event of credit card thefts, entire accounts can be emptied by hackers without customers having any clue of it.
The case isn’t just riskier, it’s also more complicated for any financial institutions also responsible for safeguarding customers’ money.
Using Internet Explorer 5 on a Windows XP system to manage a list of business accounts worth in millions or even billions of dollars isn’t a cool idea to stay safe. You need to install the latest software and OS, alongside regularly downloading their patches to ensure maximum safety.
It isn’t employees’ duty to upgrade software. That’s where cybersecurity companies like BeforeCrypt come in for ransomware data recovery. Using a cybersecurity company should be akin to washing your hands with soap before having your meal. That’s where most of the germs need to be killed.