Pub. 8 2017 Issue 1
www.wvbankers.org 20 West Virginia Banker

The Rising Risk of Ransomware
Continued from Page 19

Back Up Data. An extremely important process is to back up important data daily. This backup should be offline and disconnected from the computer, as some versions of ransomware can encrypt data stored on network drives or in cloud services when they are connected to the infected computer. The recovery function of your backup/restore procedure should be tested regularly. Effectively backing up current data will leave banks less vulnerable to the threat of ransomware. Even if a computer is locked, a bank won't be forced to pay to recover its data.

Train Employees. Ransomware phishing attacks can come through in the form of an email with a malicious attachment or URL. It is important for employees to be vigilant about such attacks. To help raise security awareness, consider sending simulated phishing attacks to keep employees on their toes and help them recognize what a phishing attempt might look like. Advise employees not to click on links or open attachments or emails from those they do not regularly do business with.

Use Superior Security Technology. Even with proper training, employees may open an attachment or visit an infected site. That is why it is necessary for banks to take other standard security technology measures such as ensuring a firewall is in place. Anti-virus software should be used to detect and prevent infection, while web and email filtering software should be used to reduce exposure. It is important to apply security patches and regularly update all security software.

Segregate Access. Managing user access to data can lessen the risk of a successful ransomware attack. The number of employees with administrative access should be limited, and access should not be assigned unless absolutely necessary. Employees should only have access to the files or directories that are relevant to their job functions. Networks and data should be separated for each organizational unit.

In the Case of an Attack

Despite a bank's best efforts to protect against ransomware, an incident may still occur. If it does, both the FBI and the Federal Financial Institutions Examination Council (FFIEC) encourage ransomware victims to notify law enforcement immediately. Law enforcement officials, such as the FBI, can assist in determining whether or not it is in the bank's best interest to pay the ransom. In addition, the FFIEC recommends notifying the appropriate bank regulatory authority of any ransomware incident, and possibly filing a Suspicious Activity Report. Banks may also file a notice of a ransomware incident on the FBI's Internet Crime Complaint Center at www.ic3.gov.

A Costly Crime

Ransomware is a rising threat for U.S. businesses as an increasing number of cyber criminals adopt it as their newest method of extortion. According to the FBI, these criminals collected $209 million in the first quarter of 2016, which puts ransomware on pace to be a $1 billion crime in 2016. Banks must take preventative measures to avoid falling victim to a ransomware scheme and suffering potentially irreparable losses.

Chuck Maggard represents WVBA Insurance Group for OneBeacon Financial Services. He may be reached at cmaggard@wvbins.com or 304-343-8838.