How to outsmart ransomware

Have $175? Then it doesn’t matter if you utterly lack technical skills, you can become a cybercriminal. That’s because a malware strain called Karmen – potent ransomware – has been on sale on the dark web for $175.  

That’s how bad this has gotten and it very well may cost your credit union money.

In mid-May a ransomware attack infected thousands of organization in 70+ countries.  It all happened in the space of a few days. Some 200,000 are said to have been victimized.  

Ransomware now is just about the fastest spreading malware out there.  The tools that spread it are slick and, as Karmen shows, they are also cheap.

Little to no technical skill is needed to unleash ransomware via phishing emails on an unwary public and, increasingly, the targets of choice are businesses – especially American businesses – and that’s because businesses often are willing to pay up to rid themselves of malware. Symantec, in fact says the average ransomware payout in 2016 was $1077, up from $294 in 2015.

Symantec also said that the payout rate in the US reached 64%, compared to 34% globally.  That means about two in three US victims pay up.

Data from NTT Security also said that the US is by far the most common victim of ransomware.  

The news gets worse.  Symantec said ransomware attacks were up 36% year over year.  Probably there will be still more this year.

Ransomware is bad. There are various flavors but a common format is that the criminal mass mails out links that, when clicked on, download apps that lock files, preventing the user’s access. The files could be just about anything, from email to the entire computer.

Know this: There are steps you need to take to protect yourself against being a ransomware victim. A key secret: the best self-defense is assuming you will be a victim and preparing accordingly. How? Read on.

Also know: credit unions have already fallen victim to ransomware. How many? Nobody knows. Victims – especially ones likely to feel exceptional embarrassment and that includes financial institutions – do not advertise that they fell into a trap.  But credit union security experts talk of “at least several dozen” credit unions that have fallen victim to ransomware, paid ransoms, and sometimes regained access to their data.

Small and medium sized credit unions are believed to be especially vulnerable because – unlike the mega credit unions – they typically lack sophisticated malware detection tools that stop malware from penetrating the organization.

Probably more credit unions will fall victim. That’s because savvy criminals now are doubling down on attacks on businesses. Said Symantec: “a small number of groups have begun to specifically target businesses with ransomware attacks designed to infect multiple computers on a single network and encrypt valuable data.”

Won’t a small payment result in the files being unlocked – so maybe this isn’t such a big deal? Not necessarily. Cyber crooks are crooks and that means they may not always live up to their word. Just because a ransom is paid does not mean full access to data is restored.  Said Symantec: “Paying the ransom doesn’t guarantee decryption of the victim’s files. According to the Norton Cyber Security Insight team, only 47 percent of victims who paid the ransom reported getting their files back.”

Symantec also – worryingly – reported that smart criminals are beginning to try to attach ransoms that take into account the value of the data that has been locked. It pointed to a $70,000 ransom paid by San Francisco’s Municipal Transportation Agency which had seen its light rail system disrupted.

A credit union’s files might well be perceived as highly valuable.

What can a credit union do to protect itself? Several things and it starts by training employees not to click on links in phishing emails – and retraining them frequently.

But probably the single biggest step a credit union can take is to make sure its data are backed up and can be easily retrieved and put to use. Do just that – assume you will be victimized and prepare your defenses now – and you put yourself on safe ground.

Savvy smartphone users generally aren’t ready ransomware victims because an iPhone user often has most of his/her data backed up to iCloud. An Android user also often will have lots of data automatically backed up in Gmail, etc.  When the data is on hand, it’s easy to tell the criminal to buzz off.

The very same idea works for a credit union. Backup all critical data and that’s the antidote to ransomware.

Accept this: very probably your institution will be assaulted this year by ransomware criminals.  How you fare is up to you.

Take a few steps, now, and very probably you will do well indeed.

Robert McGarvey

Robert McGarvey

A blogger and speaker, Robert McGarvey is a longtime journalist who has covered credit unions extensively, notably for Credit Union Times as well as the New York Times and TheStreet, ... Web: www.mcgarvey.net Details

More News