Ransomware in Financial Services — What Can You Do About It?

by Tony Richardson CISSP

Ransomware attacks on financial services organisations, such as banks and investment firms, have risen sharply over the past year.

A survey by Sophos found that more than half of all financial organisations suffered one or more ransomware attacks — a significant rise since 2020.

Financial Services and Ransomware

While all sectors are targeted by ransomware attacks, the financial services sector has traditionally been particularly vulnerable, and it’s not difficult to see why. These organisations handle large amounts of money, and the consequences of not paying the ransom are potentially catastrophic.

Ransomware attacks have been a major threat to financial services for well over a decade, but they seem to be growing significantly more sophisticated in the past year or two. This has created an assault that cyber security professionals are fighting hard to resist.

What Has Changed Recently?

In 2020, the proportion of financial services organisations that had suffered a ransomware attack was 34% — by 2021, that figure had risen to 55%. Understandably, given the stakes, 52% paid the ransom, a higher figure than other sectors.

In the financial services sector, 63% of data was recovered after an attack. The proportion of organisations that recovered all their data remains low, but it is improving: between 2020 and 2021, that figure rose from 4% to 10%. Even so, another survey found that 29% of the organisations that paid the ransom subsequently discovered that their data was still being offered on the dark web.

On the positive side, 83% of financial organisations reported having cyber insurance against ransomware attacks — though that still leaves 17% unprotected. Perhaps because of pressure by the insurance companies, 98% of organisations updated their cyber security between 2020 and 2021.

Would You Rather Pay the Professionals or the Hackers?

The figures suggest that it’s a matter of when, not if, any given financial services organisation is going to be attacked by ransomware. It’s been calculated that the global average cost of a ransomware attack is US$1.4 million — so would you rather pay criminals or cyber security professionals, who could help you boost your defences?

However, it’s not just a matter of installing cyber security software, vital though that is. The most common way in for any cyber criminals, including those attacking with ransomware, is through human error, though apps and cloud platforms can also constitute a weakness.

The priorities, therefore, are to monitor and fix the vulnerabilities in the systems you use, and to implement ongoing training for your staff (up to and including executive level) on recognising and avoiding common threats. A robust culture of strong password use, together with extra measures such as two-factor authentication, can then be supplemented by cyber security professionals who continually test your systems and close vulnerabilities.

Of course, you could simply wait for the ransom demand to come in, pay up and cross your fingers that there won’t be further consequences. But if you’re a financial services organisation that would rather build an effective defence instead, then get in touch with us and find out how SecuraPro™ can help you stay on the right side of the statistics.