Intelligent CISO Issue 1 - Page 44

industry unlocked

Gregg Petersen from Veeam Software

After becoming one of the main cybersecurity threats in 2016 and causing global chaos in May 2017, ransomware is currently keeping everyone in a state of constant security alert. Gregg Petersen, Regional Vice President, Middle East & Africa at Veeam Software, says there are seven proven best practices that financial institutions should adopt.

Financial organisations are particularly at risk, targeted by approximately 13% of total attacks. Ransomware was reported as the number one vector of security risk in the financial sector in the 2016 SANS Survey, cited by 55% of the financial services firms surveyed. The outcomes of these attacks can be highly damaging. Hackers successfully extorted a total of up to half a billion dollars from more than 32% of financial institutions in 2016 alone.

How ransomware impacts the financial services industry

Despite the increasing number of attacks on financial institutions, public announcements of ransomware infections are rarely made because of the grave consequences for brand integrity and consumer confidence. However, numerous attacks have been reported in the last few years. Armada Collective attacked three Greek banks, encrypting valuable data and asking for €7 million (20,000 Bitcoin) from each bank, followed by three further attacks within five days. Fortunately, these attempts failed, as the banks successfully leveraged their defence strategies instead of paying the ransom. A 2016 report by SentinelOne on ransomware highlighted that the data most exposed to ransomware attacks are employee records, financial data, customer information, product and IP, payroll/HR and research. Ransomware's notoriety is no surprise, considering its ability to evolve and surpass traditional data protection solutions.
Beyond the use of sophisticated attack techniques, such as social engineering and the development of Ransomware-as-a-Service platforms, ransomware has been driven by key factors such as security holes, lack of IT security knowledge, wrong permissions, lack of patching, and inadequate backup and recovery processes. Finally, the appearance of anonymous e-currency as a payment method, as well as the decision to pay the ransom, greatly encourage cybercriminals' future attempts.

Keeping up with compliance and Availability challenges

In this threat landscape, stringent regulations such as PCI DSS, GLBA or GDPR, together with data breach notification requirements, legally require financial institutions to properly store and protect customer data along with other highly sensitive data. As they gain more users, adopt new technologies and face data upsurges, modern IT ecosystems must maintain the ability to collect, maintain and store data in changing environments.

Seven best practices for ransomware resilience in financial services

1. Use different credentials for backup storage: Although this is a standard and well-known anti-ransomware best practice, it's crucial

Issue 01 | www.intelligentciso.com
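As an added illustration of practice 1, and not code from the article or from Veeam, the following Python audit checks the three ways a backup-repository credential usually turns out not to be "different": it sits in a privileged domain group, it logs on to ordinary hosts where ransomware runs, or its password is shared with another account. The inventory, account names, host names, group names and passwords are all constructed sample data; a real audit would compare hash material exported from the directory rather than SHA-256 of plaintext.

```python
"""Audit whether a backup-repository account is truly separate from production.

Added example (not the article's or Veeam's code). All accounts, hosts, groups
and passwords below are constructed sample data.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field

# Hosts that hold backup data, and groups whose members can reach everything.
BACKUP_HOSTS = {"bkp-repo-01", "bkp-repo-02"}
PRIVILEGED_GROUPS = {"Domain Admins", "Enterprise Admins", "Administrators"}


@dataclass
class Account:
    name: str
    password_hash: str                                  # never the secret itself
    groups: set[str] = field(default_factory=set)
    logs_on: set[str] = field(default_factory=set)      # hosts it authenticates to


def hash_secret(secret: str) -> str:
    # SHA-256 only keeps plaintext out of the sample inventory; with a real
    # directory you would compare the hashes from a DC export instead.
    return hashlib.sha256(secret.encode()).hexdigest()


def audit_backup_account(backup: Account, inventory: list[Account]) -> list[str]:
    """Return one finding per way the repository credential is not separate."""
    findings: list[str] = []

    # 1. A repository account must not carry domain-wide privilege: if a
    #    domain admin token is stolen, the repository goes with it.
    privileged = backup.groups & PRIVILEGED_GROUPS
    if privileged:
        findings.append(
            f"{backup.name}: member of privileged group(s) {sorted(privileged)}")

    # 2. It must only ever authenticate to the backup hosts; a logon on a
    #    workstation leaves credential material where ransomware runs.
    stray = backup.logs_on - BACKUP_HOSTS
    if stray:
        findings.append(
            f"{backup.name}: logs on to non-backup host(s) {sorted(stray)}")

    # 3. Its secret must not be shared with any other account (same hash).
    for other in inventory:
        if other is not backup and other.password_hash == backup.password_hash:
            findings.append(f"{backup.name}: password reused by {other.name}")

    return findings


# Constructed inventory (hypothetical names and passwords).
ADMIN_PW = hash_secret("Summer2017!")
INVENTORY = [
    Account("jdoe", hash_secret("Winter2017!"), {"Domain Users"}, {"ws-101"}),
    Account("adm-jdoe", ADMIN_PW, {"Domain Admins"}, {"ws-101", "dc-01"}),
    # Dedicated repository account: own group, own hosts, own secret.
    Account("svc-repo", hash_secret("k9#Vq2-repo-only"),
            {"Backup Repository Users"}, {"bkp-repo-01"}),
    # Legacy repository account that violates all three rules.
    Account("svc-repo-legacy", ADMIN_PW, {"Domain Admins"},
            {"bkp-repo-01", "ws-101"}),
]
GOOD = INVENTORY[2]
BAD = INVENTORY[3]


if __name__ == "__main__":
    for account in (GOOD, BAD):
        result = audit_backup_account(account, INVENTORY)
        print(account.name, "OK" if not result else "\n  " + "\n  ".join(result))
```

Run as a script it reports svc-repo as OK and lists three findings for svc-repo-legacy. The point of the three checks is that "different credentials" means different in every sense: a distinct account with no domain privilege, used from nowhere but the repository hosts, with a secret no other account shares.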