Ransomware During COVID and the Need for Proactive Cyber Hygiene

Written by NIBA
By Braden Perry, Partner at Kennyhertz Perry, LLC

Earlier this year, the COVID-19 pandemic caused businesses to rapidly deploy a remote workforce, which created new challenges for financial firms to continue operating and providing critical services. It also created an opportunity for malicious actors to hack into and gain access to IT systems and the sensitive, personal information that these financial firms maintain.

Among the most dangerous cyber threats is ransomware, malware that encrypts user or system files. The cyber actor then demands a ransom to restore the data through the use of a decryption key. These attacks have escalated since the pandemic began and continue to rise among financial institutions through remote desktop protocol (RDP) vulnerabilities. These attacks have occurred with varying levels of debilitating damage, from affecting individual systems to complete shutdown, with the cyber actors generally threatening to release victim data publicly, in addition to leaving systems locked, if ransom demands are not met.

If your company is a victim, law enforcement does not encourage paying a ransom to cyber actors. Paying a ransom may embolden adversaries to target other organizations, encourage other criminal actors to engage in ransomware distribution, and fund illicit activities. Also, paying the ransom does not guarantee that the files will be recovered.

So, what should a company do? In addition to reporting the event to local law enforcement, the following can potentially alleviate the issue:
  • Maintain a robust data backup system that is air-gapped and password protected. This is the most important layer of defense against ransomware attacks.
  • Follow the Principle of Least Privilege for access control. Each user should have the fewest privileges needed for their job.
  • Implement endpoint protection solutions such as antivirus and antimalware.
  • Enact multifactor authentication wherever possible.
  • Ensure network segmentation.
  • Disable RDP and other remoting options except when necessary.
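As an added example (not from the article or from Kennyhertz Perry), the following PowerShell function audits the last item in that list on a single Windows host: whether Remote Desktop is enabled, whether Network Level Authentication is required, whether the built-in "Remote Desktop" firewall rule group is open, and whether anything is actually listening on TCP 3389. With the assumed `-Disable` switch it turns RDP off and disables those inbound firewall rules. It assumes an elevated PowerShell session on Windows 10 or Windows Server 2016 or later; the function name and parameter are this example's own.

```powershell
# Added example: audit (and optionally disable) Remote Desktop on the local host.
# Assumes an elevated session on Windows 10 / Server 2016+. Not part of the article.

function Get-RdpExposure {
    [CmdletBinding()]
    param(
        # Assumption: when set, disable RDP and block its inbound firewall rules.
        [switch]$Disable
    )

    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpKey = "$tsKey\WinStations\RDP-Tcp"

    # fDenyTSConnections = 1 means Remote Desktop connections are denied (RDP off).
    $deny = (Get-ItemProperty -Path $tsKey -Name fDenyTSConnections).fDenyTSConnections

    # UserAuthentication = 1 means Network Level Authentication is required,
    # so a caller must authenticate before a session is created.
    $nla = (Get-ItemProperty -Path $rdpKey -Name UserAuthentication).UserAuthentication

    # Inbound rules in the built-in "Remote Desktop" firewall group that are enabled.
    $rules = Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue
    $openRules = @($rules | Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' })

    # Is any process actually listening on the default RDP port?
    $listener = Get-NetTCPConnection -LocalPort 3389 -State Listen -ErrorAction SilentlyContinue

    $report = [PSCustomObject]@{
        ComputerName     = $env:COMPUTERNAME
        RdpEnabled       = ($deny -eq 0)
        NlaRequired      = ($nla -eq 1)
        InboundRulesOpen = $openRules.Count
        ListeningOn3389  = [bool]$listener
    }

    if ($Disable -and $report.RdpEnabled) {
        # Deny Terminal Services connections and close the firewall rules that admit them.
        Set-ItemProperty -Path $tsKey -Name fDenyTSConnections -Value 1
        if ($openRules.Count -gt 0) { $openRules | Disable-NetFirewallRule }
        $report.RdpEnabled       = $false
        $report.InboundRulesOpen = 0
    }

    return $report
}

# Audit only; add -Disable to enforce the "disable RDP unless necessary" control.
Get-RdpExposure | Format-List
```

Run the audit across the fleet first and keep the output: a host where `RdpEnabled` is true, `NlaRequired` is false and `ListeningOn3389` is true is exactly the exposure the article's RDP warning describes, and the report gives the compliance team a record of which hosts still need a business justification for remote access.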
But there are many things a financial institution can do to prevent an infection from occurring in the first place.

First, get top-down management buy-in. The commitment of senior management and the effectiveness and tone of their communication to their staff are pivotal to the cybersecurity compliance program’s success. This commitment is shown when management changes its vision and strategic goals and provides the compliance department with the authority to implement, communicate, and improve the compliance policies and procedures. The best policies and practices will fail without full support from the top. It is also crucial to have direct-line access to the CEO and the organization’s oversight committees. The Chief Information Security Officer (CISO) should be part of senior management, with sufficient resources and staff to oversee and manage the compliance structure. Forward-thinking companies view and treat their compliance department as an asset, not a cost, which is a key to buy-in from the top down.

What CEOs want out of CISOs is the ability to see the forest through the trees. Information security is increasingly complex. Today, CISOs must not only apply their trained information security skills but also use ever-evolving business skills, including financial management and leadership. A CISO needs to understand the organization’s context and its risk strategy, and deal with stakeholders in varying ways depending on the circumstances. While the global view is an asset from a risk management perspective, overmanaging risk can also hinder business practices. So, it’s imperative that CISOs strike the balance of managing risk and procedures while ensuring the business is functioning properly and securely.

If the forest becomes too dense to see the trees, the tone at the top (i.e., the CISO) can allow the company to become reactive, meaning that it does not anticipate issues but waits for issues to arise and then acts, or “reacts.” This leads to short-sightedness: looking at the near term and not focusing on long-term goals. This is the opposite of the “proactive,” forward-looking approach, which not only anticipates issues that might arise but also sets clear directions and goals.

Since the emergence of H5N1 in 1996, both industry leaders and government officials have known that an influenza pandemic will occur with a new subtype of influenza capable of efficient person-to-person spread and to which few of the world’s population are immune. They’ve also known that it will be a global pandemic, with all countries being affected within a matter of months. Many industry leaders and government officials have prepared for this and outlined detailed responses. It’s evident that some industries and companies are more prepared than others. Those that didn’t prepare, or didn’t prepare enough, are now caught in a disruptive corporate environment and at the mercy of IT and other tech-related issues, as most companies are working remotely. Proactivity will be the new standard, and companies that don’t look ahead at potential risks will be massively behind when the next business disruptions arise.

For additional guidance or a risk assessment, seek competent counsel that understands the importance of cybersecurity and can identify the weaknesses that could lead to massive business disruption or a complete takeover of your systems. At Kennyhertz Perry, we assist our clients with data security needs, blending traditional legal experience in the corporate and litigation arenas with technical acumen. To learn more about Kennyhertz Perry, LLC, please visit www.kennyhertzperry.com.
