Cisco Blogs

Ransomware Lessons for the Financial Services Industry

- May 16, 2017 - 2 Comments

As long as there have been banks, there have been bank robbers. In the past, bank robbers may have held up bank tellers at gunpoint. Today, threats are less visible—but just as frightening. This weekend’s massive ransomware attack demonstrated just how pervasive, far-reaching, and devastating a cyberattack can be.

What is ransomware?

Even if you hadn’t heard the word “ransomware” before, after this weekend, you’re probably talking about it quite a bit (or at least reading about it). On Friday, a global ransomware attack hit thousands of computer systems—and is being called “the biggest cyberattack the world has ever seen.” Organizations such as the UK’s National Health Service (NHS) and global companies like FedEx were affected by the ransomware strain, known as WannaCry.

Ransomware is a type of malware that encrypts data, making it impossible for the owners of that data to access it unless they pay a fee. In this case, the WannaCry virus spread through a vulnerability in Microsoft Windows software. Although the “hole” in the software that allowed the virus into the system could have been patched by a free upgrade from Microsoft in April, many computers that were infected were out-of-date devices that were likely not deemed worth the cost of an upgrade. Some were machines involved in functions that were too difficult to take offline to patch without disrupting crucial operations. This ransomware virus was unique because it spread independently through networks to unpatched devices, without the need for a person to download a file or visit a website.

  • For a more in-depth review of the basics of ransomware and how to comprehensively protect your organization, download our free eBook or explore our ransomware resource page.

Cybercrime and financial services: Not a new relationship

Though this week’s WannaCry attack was one of the most visible and widespread cyberattacks, it wasn’t the first, and it won’t be the last. The 2016 Cybercrime Report from Cybersecurity Ventures predicts cybercrime will cost the world in excess of $6 trillion annually by 2021, making it more profitable than the global trade of all major illegal drugs combined. Cyber criminals can be ruthless and cunning, striking quickly within a tiny window of time or space where security is temporarily limited.

Most major financial services firms have significant technical controls, staff, and processes in place, but many smaller banks and credit unions haven’t fully invested in secure networks and IT automation to help prepare for attacks. And there are many more attacks on the horizon. According to the Cisco 2017 Annual Cybersecurity Report, for example, ransomware is growing at a yearly rate of 350%.

One of the most compelling recent examples of a cunning modern-day bank robbery occurred in February 2016, when hackers breached SWIFT technology to heist $81 million from the Bank of Bangladesh. The Federal Reserve Bank of New York matched a set of codes assigned to the Bank of Bangladesh inside a series of 35 transfer requests and transferred $81 million of the Bangladesh bank’s money to the Philippines.

Is cybercrime already stealing your greatest asset?

Besides the obvious and looming consequences of a cyberattack, fear of security breaches can prevent executives from spending time on larger strategic innovations. Seventy-seven percent of bank executives consider cybersecurity to be their “most concerning issue.” A major roadblock to digital innovation in large banks is the fear of a data breach as well as the resulting regulatory fines. In a recent Cisco study, 71% of banking executives said concerns over security are hindering their ability to innovate, and 39% said they have stopped a mission-critical initiative because of security problems.

 

  • Register to attend a special “WannaCry” ransomware webinar that three of our top cybersecurity intelligence team leaders will host on Thursday, May 18 at 1:00 p.m. EST / 10:00 a.m. PST. The webinar will feature an in-depth discussion and review of the history and recent surge of these attacks and help you identify what your organization can do to protect itself from future attacks. All attendees will have an opportunity to ask our security experts questions during a live Q&A.
  • Be sure to check out the frequently updated blog from Talos for updates on the “WannaCry” ransomware attack.

 

 

For more information regarding Cisco Financial Services please visit www.cisco.com/go/fsi

 


2 Comments

  1. That is why it's very important to not give in to ransomware, very scary that financial institutions like banks have to watch out. Anyone can get a hold of sensitive information, great article.

      Thank you, John! You make a great point about not giving in to ransomware. There is no guarantee that hackers will provide a decryption key after you pay the fee. Additionally, this gives the criminals incentive to go after other targets and may result in criminals adding your name to a "list" of those who are willing to pay when victimized by ransomware.
