Recently, the media seems very focused on ransomware, and both businesses and financial institutions need to be aware of those risks, but in most cases, malware presents an even bigger threat than ransomware.
There were roughly 1.2 million malware detections last year. That’s two and a half times the number of ransomware threats, and a 36% increase over the previous year. To keep your financial institution safe, you need to be aware of malware threats and have a plan to protect yourself.
Malware Risks
In simple terms, malware is software that attacks computers. This can take a range of different forms. Hackers can infect ATMs so they dispense money just as a mule is walking by to carry it away. They can get into a bank’s system and create fraudulent transactions that move money from one account to another. Or, they can steal information to commit identity theft or check fraud.
According to some estimates, malware designed to access people’s bank accounts and steal their money has been found on over 288,000 computers, and over 79 million unique websites carrying malware exist on the internet.
Protecting Against Malware
To protect themselves against malware, banks need a three-tiered approach. They need to focus on prevention, containment, and responses. In a nutshell, prevention is all the steps you take to protect your financial institution from attacks. If an attack occurs, containment stops it from spreading. Finally, your response plan details the steps you take after an attack and to prevent new attacks.
Preventing Malware
To prevent your financial institution against malware, make sure that your employees are aware of the risks. In particular, senior employees with full access to company data need to be especially vigilant. There are criminals who focus on tricking these key employees. The criminals send spearfishing emails, and if the employee clicks on the wrong link or downloads an infected attachment, the malware moves through the computer, stealing the employee’s credentials. At that point, the criminals have all the information they need to get into bank accounts and siphon away cash.
On a technical level, keep your security software up to date, make sure you have strong firewalls in place, and instruct employees to never access private information about your financial institutions or its clients over public wi-fi. You need to route all that information through a virtual private network or an encrypted server, or it could easily be compromised.
Containing Malware Attacks
If an attack occurs, assume that the hackers are trying to get information from that computer, and immediately contain the infected device. Unplug it and take it offline. Ideally, you should also wipe out the drive. That’s why it’s critical to always have backups.
Responding to Malware Attacks
Once you’ve contained the issue, you need to start the forensics work and figure out where the attack originated. If the attack came from an infected message, you need to ensure that wasn’t forwarded to any other computers on your network.
Besides the technical elements, you need to deal with the attack from a public relations angle. That can involve notifying affected customers and offering them credit monitoring, and sending press releases to the local media so that you control the message. Finally, you need to take steps to prevent your organization from future attacks.
When it comes to malware and other cyber attacks, the threats are always changing, even if they come from the same group. For example, Lazarus, an infamous group of cyber hackers, attacked Sony and the Bank of Bangladesh for extremely different purposes in different ways in the same year. To protect yourself, you need to be flexible.
At SQN Banking Solutions, we offer a range of solutions to protect our clients against cyber attacks. To ensure you’re protected, we can start with an assessment and guide you from there. Contact us today.