Skip to Main Content
Doing More Today
  • News
  • Community
    • Associates in Action
    • Community Engagement
    • Small Business
    • Economic Development
  • Insights & Innovation
    • Economic Commentary
    • Insights
    • Innovation
  • Financial Wellness
    • Financial Wellness
    • Fraud Prevention
  • See the Good
    • Culture
    • Good Company
    • Good Towns
    • Good Pets
    • Ecards
    • Recipes
    • Riding Forward
    • The Extra Mile
Subscribe Now
Regions Bank

Regions Bank: Doing More Today: Good stories. Better insights. More possibilities.

Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe
Ransomware: Steps to Avoid a Nightmare Scenario
Category: Fraud Prevention

Ransomware: Steps to Avoid a Nightmare Scenario

Scammers can take over your network, but a little vigilance can prevent you from becoming the next victim.

By Doug Segrest and Jeff Taylor | August 11, 2020

It’s a nightmare scenario.

Your business thrives online, and that’s where it can be most at risk – from a nameless party that can seize control of your network, holding your data hostage.

We’re talking about ransomware. It’s one of the biggest security problems on the internet and one of the most dangerous forms of cybercrime. It leaves victims with few choices – either you regain access to your network by paying a ransom to criminals, or you gamble on restoring the system while hoping you can decrypt the malware that now holds your data captive.

Unfortunately, no industry, business segment or even government entity is immune to this form of attack. Fraudsters indiscriminately choose their targets, mostly based on known vulnerabilities, and embed their code into system servers or PCs.

The code is typically delivered through a hyperlink in a website, a link or attachment in an email, or a compromised portable storage device.

The malicious code then attacks the directory networks containing your files and data, rendering them inaccessible and useless unless the ransom is paid.

It’s not a 21st century phenomenon.

While activity has surged recently, the first known instance of ransomware occurred in 1989 with what was deemed the PC Cyborg Trojan, forcing the infected client to pay a $189 ransom, sent by cashier’s check or money order, to a post office box in Panama.

Today, ransoms have increased exponentially in price, and most use untraceable digital currency or prepaid cash gift cards for settlement. Once the ransom is paid, the fraudster promises to provide the victim with an encryption key to access the stolen files – and then walk away.

Whether you choose to pay or ignore the ransom, your information will more than likely be handed off to the dark web for other illicit purposes.

Kenneth Valentine retired as a special agent of the U.S. Secret Service. He then brought his expertise to Regions Bank, where his insights help protect customers.

What keeps me awake at night is the lack of cyber hygiene and routine maintenance that would thwart nearly all ransomware attacks.
Kenneth Valentine, Corporate Security senior director for Regions

“The fact is there’s a criminal element out there exploiting the vulnerable through ransomware attacks,” said Valentine, a Corporate Security senior director for the bank. “What keeps me awake at night is the lack of cyber hygiene and routine maintenance that would thwart nearly all ransomware attacks. These lapses in prevention can be easily resolved.”

Valentine points to the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency’s recommendations to protect users from ransomware:

  • Update software with the latest patches. Outdated applications and operating systems are the target of most attacks.
  • Never click on links or open attachments in unsolicited emails.
  • Back up data on a regular basis. Keep it on a separate device and store offline.
  • Follow safe practices when browsing the Internet.

According to the cybersecurity firm Recorded Future, more than 100 state and local governments, including school districts, were victimized by ransomware in 2019 alone. In a single event, 22 towns in Texas were attacked at the same time.

Attackers can be lone wolves looking to create disruption or criminal enterprises looking to steal money and data.

To be prepared, authorities advise, businesses, governments and local organizations need to be proactive by creating an effective cybersecurity program, constantly monitoring the IT environment, and preparing for the worst-case scenario – wargaming, if you will.

The failure to prepare can be astronomical. A town in New England received a ransom demand of $5.6 million to restore its system.

In addition to the immediate cost of the ransom demand, ancillary costs can be staggering trying to repair files and restore reputation.

The Cybersecurity & Infrastructure Security Agency recommends organizations employ the following best practices:

  • Restrict users’ permissions to install and run software applications, and apply the principle of least privilege to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Use application whitelisting to allow only approved programs to run on a network.
  • Enable strong spam filters to prevent phishing emails from reaching end users, and authenticate inbound email to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and keep malicious files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.

So, what happens if your business is compromised? Valentine said a good response is to follow these suggestions from the Federal Trade Commission:

  • Limit the damage by immediately disconnecting the infected computers or devices from your network.
  • Report the attack to your local FBI office, and file a complaint with the bureau’s Internet Crime Complaint Center.
  • Keep in mind: Law enforcement does not recommend paying the ransom. It’s up to the victim to determine if the risks and costs are worth paying

View tips for stronger password.Financial Safety: 4 Steps to Shop Safely Online

The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/stopfraud, or speak with your banker for further information on how you can help prevent fraud.

Share
Share on Facebook
Share on X
Share on LinkedIn
Share via Email
Subscribe

Trending Articles

  • 1.

    Character. Commitment. Results: American Banker Again Ranks Regions’ Reputation High Among Industry Peers

  • 2.

    How Two Banking Leaders Built Their Careers at Regions

  • 3.

    ‘Extra’ in Action: Regions Associates Give Back During Evergreen

  • 4.

    Financial Education: A Key to Career Success

  • 5.

    ‘False Alarm, Real Scam’

Related Articles

Paula Drake, Chief Marketing and Communications Officer at Regions Bank...
Category: News

In the Limelight: Paula Drake and Kendra Key

Deepfake scams illustration with the alert.
Category: Fraud Prevention

Red Flags of a Deepfake Scam

Illustration of a webpage with a suspicious url, and a...
Category: Fraud Prevention

4 Steps to Avoid Fake CAPTCHA Scams

Regions' Otis Billups and teammates in the Extra Mile series.
Category: The Extra Mile

The Extra Mile: Lifting Everyone in East Mississippi

Terry Hoey playing guitar and donated instruments.
Category: Community Engagement

Banding Together

Peter Burns at SEC Now desk
Category: Culture

Voices of the SEC: Peter Burns

Banks Never Ask That logo on the Regions dark green...
Category: Fraud Prevention

#BanksNeverAskThat: Recognizing Red Flags

Man texting on the phone.
Category: Fraud Prevention

Shutdown Primer: 4 Tips to Stop the Scam

Regions.com | About Regions | Investor Relations | Privacy & Security | Website Terms of Use | Contact Regions | Careers at Regions
© 2025 Regions Bank Member FDIC |
All Rights Reserved | Member FDIC | Equal Housing Lender | Online Privacy