Pub. 8 2017 Issue 1

West Virginia Banker, Spring 2017, page 19

The Rising Risk of Ransomware

By Craig M. Collins, OneBeacon Financial Services & Joe Budzyn, OneBeacon Technology Insurance

Ransomware is the latest cyber extortion tool devised to threaten both businesses and individuals. Having affected financial institutions, hospitals and many other types of organizations, ransomware has been featured prominently in the news over the past few years. In 2015 alone, the Federal Bureau of Investigation (FBI) reported 2,400 ransomware-related complaints totaling a loss of more than $24 million. While some of those affected have paid the ransom and recovered their computer data, others have lost theirs forever. What is ransomware, and how can banks protect themselves against this formidable risk?

How It Works

Similar to a virus, ransomware is malicious software that infects a computer. It can arrive through several mechanisms: as a malicious email attachment, embedded in a malicious website download, attached to a phishing email, or even as a web link that automatically downloads the ransomware when it is clicked. Once a user’s files and documents are encrypted, they become inaccessible until a ransom is paid.

A user is instructed to pay the ransom within a certain timeframe and through a method that is fairly convenient yet difficult to trace back to the criminals. This may include wire transfers, pre-paid payment cards, Bitcoin or premium-cost SMS services. While criminals say they will provide the user with the decryption key necessary to recover their files, there is no guarantee that data will be recovered after the ransom is paid. Additionally, paying the ransom does not prevent future infection with the same or different ransomware, so the cycle can repeat.

Another type of ransomware locks a user’s device to prevent its usage. The lock message often accuses the user of a crime and appears to come from a branch of law enforcement. The files may not be encrypted during this attack. If the lock screen ransomware is removed, the files are typically untouched.

The Damaging Impacts

While everyone is at risk for ransomware, banks are particularly attractive targets. Criminals recognize that financial institutions maintain a bevy of personally identifiable information and have the funds to pay a potentially lucrative ransom. Beyond losing their files, banks that fall victim to ransomware can face monetary and business interruption losses, legal and IT service fees, lack of employee productivity and most importantly – compliance and reputational risks.

Mitigating Risks

The most effective defense against ransomware is prevention, and banks must take precautionary measures to protect themselves and their customers.

The Rising Risk of Ransomware, continued on page 20
