Ransom is nothing new, as we know from popular culture. It is often depicted as a note in crime shows or Western movies, from a kidnapper demanding payment for the safe return of a victim taken hostage. In the age of COVID-19, ransomware is one of the biggest data security threats that companies face. When cybercriminals target businesses for ransom, their key to success is snatching something so valuable that the company is unable to operate without it. For credit unions, this is often vital member information.
Cybercriminals use ransomware to employ computer system attacks so sophisticated that they can infect a company’s infrastructure and cause business to freeze. Ransomware is an insidious type of malware that encrypts data, making it indecipherable. The most prevalent attack is tricking an employee into clicking on a link or attachment in an email that allows the malware to enter the company network. This sets up the cybercriminal to demand a “ransom” – typically in bitcoin or another untraceable payment method – in exchange for unscrambling the encrypted data.
Ransomware is on the rise (again) and a growing credit union threat. Why now? While the switch to remote working due to the COVID-19 pandemic has enabled credit unions to remain productive, the use of alternate system connection methods has introduced risks that did not exist within the office environment. The most prominent are security vulnerabilities in remote desktop tools and protocols. These tools, by nature, use an open source for remote access, making them more vulnerable to cyberattacks. When computers are not controlled in the office, it can increase the possibility of missed upgrades, insecure wireless networks and weak user passwords.
We may want to believe that ransomware is unlikely to target our credit unions, but I am personally aware of multiple instances. At a global level, Skybox Security’s 2020 Vulnerability and Threat Trends Report finds that ransomware has thrived in the first half of the year, with a 72% increase in new samples of the file-encrypting malware.
continue reading »