You may have heard recently that ransomware attacks are on the rise. Unsurprisingly, the mortgage and financial services industry is a top target for these attacks. Ransomware refers to a specific type of attack in which the hacker installs software that locks up an organization’s files and critical systems until a ransom is paid.
Due to the decline in value of and increased challenge of monetizing non-public information, threat actors have developed new techniques and attacks to generate revenue. Only a few years ago, attackers used a multitude of methods of infiltrating IT systems to steal and extract information. Now, through the use of ransomware and it’s relative immediate impact on a company’s operations and profitability, hackers can increase the likelihood of payment. Ransomware initiates a dialogue with the victim in which the ransom must be paid within a certain amount of time to a specific account in order for the systems to be unlocked (if you can trust the hacker to unlock them!).
More recently, hackers have begun to use their system-level access to lie in wait, doing deep research on your business to ensure their eventual attack has a higher likelihood to cause maximum impact, and therefore command a higher potential payout. Hackers will look for:
- Seasonality in your business: When are you busiest, and therefore, most likely to pay immediately to keep your business running?
- Your financials: How much can they expect to get from you for a ransom payment?
- Security information: Which systems can they compromise most effectively? Is there a possibility they can lock up multiple systems, leading to multiple payments or ongoing payments?
- Internal communications: Which employees may be good targets for getting information about critical systems? Who may be easy to compromise with phishing emails?
Because of these changing behaviors by threat actors, your risks in a cyber attack, from ransomware or otherwise, may be higher than you previously estimated. The two charts below (from CSIS and the Verizon Data Breach Report) detail the estimated daily activities of certain cyber crimes and the most common methods of infiltration. Does your threat response plan account for these activities? Are you evaluating your incident response plan on a regular basis?
You can learn more about the current state of threats from ransomware in our webinar recording below. Our Cybersecurity team uses the latest technology to get your IT systems prepared to resist cyber attacks, including ransomware, and our consultative approach means we are ready to help you plan for any incident that may threaten your business. Contact us today to learn more or get started with a plan.