hand typing on keyboard
Category: Fraud Prevention

Ransomware: Staying 8 Steps Ahead of Bad Cyber Actors

CISA, FBI and Secret Service have the latest guidance to keep businesses and organizational data safe.

By Doug Segrest |

Ransomware remains a threat that won’t cease. In fact, it’s getting worse.

Last summer, our Doing More Today team broke down the threats of ransomware, while providing some commonsense tips.

Just a quick reminder: ransomware is a malicious software that scammers use to deny you access to data, then hold the data hostage until a ransom is paid.

We shared some simple steps to take, including updating software, avoiding unknown links or attachments in emails, and backing up data.

Unfortunately, malicious cyber actors are still taking advantage, and the threat of ransomware grows by the day.

“Successful ransomware typically relies on the victim to make a mistake,” said Kenneth Valentine, a Corporate Security senior director for Regions Bank. “If we prevent the mistake, ransomware fails.

Seems a little diligence goes a long way.

“You can prevent the mistakes by intentionally keeping up with your security software, changing passwords and checking twice before clicking on a link or attachment,” Valentine added. “Educated employees who enter cyber spaces with the appropriate tension between curiosity and caution will help prevent most ransomware nightmares before they are a reality.”

Thanks to some great advice aimed at keeping businesses and nonprofits safe, we have some great new information to protect valuable data – all thanks to the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Secret Service

 8 STEPS TO PROTECT YOUR NETWORK

A commitment to cyber hygiene and best practices is critical to protecting your networks. Here are some questions you may want to ask of your organization to help prevent ransomware attacks:

  1. Backups: Do you backup all critical information? Are the backups stored offline? Have you tested our ability to revert to backups during an incident?
  2. Risk Analysis: Have you conducted a cybersecurity risk analysis of the organization?
  3. Staff Training: Have you trained staff on cybersecurity best practices?
  4. Vulnerability Patching: Have you implemented appropriate patching of known system vulnerabilities?
  5. Application Whitelisting: Do you allow only approved programs to run on our networks?
  6. Incident Response: Do you have an incident response plan, and have you exercised it?
  7. Business Continuity: Are you able to sustain business operations without access to certain systems? For how long? Have you tested this?
  8. Penetration Testing: Have you attempted to hack into your own systems to test the security and your ability to defend against attacks?

WHAT TO DO IF YOUR NETWORK IS BREACHED

  • Implement your security incident response and business continuity plan. It may take time for your organization’s IT professionals to isolate and remove the ransomware threat to your systems and restore data and normal operations. In the meantime, you should take steps to maintain your organization’s essential functions according to your business continuity plan.
  • Contact law enforcement — federal officials recommend the local FBI or United States Secret Service field office — immediately to report a ransomware event and request assistance.

RISKS TO CONSIDER BEFORE PAYING A RANSOM

Keep this in mind: law enforcement, including the FBI, strongly discourage paying a ransom. But they also understand businesses and organizations must function.

If you feel you have no choice but to pay, assess these risks first:

  • Paying a ransom does not guarantee an organization will regain access to their data; in fact, some individuals or organizations were never provided with decryption keys after having paid a ransom.
  • Some victims who paid the demand have reported being targeted again by cyber actors.
  • After paying the originally demanded ransom, some victims have been asked to pay more to get the promised decryption key.
  • Paying could inadvertently encourage this criminal business model.

“Having an incident response plan in the event of a cyberattack is just as valuable as your business continuity plan,” said Jeff Taylor, head of commercial fraud forensics for Regions Bank “Knowing who to call, how to reach them, and the individual responsibilities of each participant is critical to recovery.”

Unfortunately, the threat of ransomware isn’t going away. But being proactive instead of reacting after the fact can keep your company, shareholders and customers safe.

The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD, or speak with your Banker for further information on how you can help prevent fraud.

Trending Articles

Related Articles