A leading U.S. bank regulator alerted banks to increasing online risks, especially ransomware attacks and other extortion campaigns, in a report published Monday, while advising firms to undertake cybersecurity measures to mitigate the risks.
The Office of the Comptroller of the Currency (OCC), an independent bureau within the Department of Treasury that supervises all national banks in the country, said in the semiannual risk report (pdf) that it has “observed an increase in ransomware attacks in financial services. These attacks continue to leverage phishing emails targeting employees and compromised credentials to gain access to networks through remote access channels.”
Ransomware attacks usually start with an employee finding a message on their screen telling them that their data has been taken hostage, along with instructions on how to get in touch with the hackers. A countdown clock may also be set up to indicate fines or repercussions, like wiping out a percentage of data if a deadline is missed, driving up the urgency of the situation.
Ransomware is a multi-billion dollar global industry that targeted around 2,400 hospitals, schools, and local government offices in 2020. According to some estimates, victims have paid up to $350 million in ransom payments last year.
The bureau has warned banks that cyberattacks have evolved and become sophisticated, while devices with access to financial services have proliferated, and partnerships with tech firms have also gone up, increasing the points of attack.
“Expansion of remote financial services via personally owned computers and mobile devices, remote work options, such as virtual private networks, and reliance on third-party providers to include cloud-based environments, increase the importance of effective cyber controls,” the report said.
The regulator has asked for robust vulnerability monitoring systems, and adopting stringent security measures like multi-factor authentication for providing access to sensitive systems. This is especially relevant in the current circumstances in which many employees work from locations outside offices and where security protocols are not strictly followed.
Properly configured networks, effective patch management, and regular backups are also recommended, along with isolating records to ensure insulation from manipulation by malicious elements seeking to hack, disrupt, and hold data for ransom.
“Supply chain risk continues to increase and evolve as attacks target vulnerabilities in software systems commonly used by large numbers of OCC supervised banks,” the report said. Banks were cautioned to monitor vulnerabilities in third-party software and hardware systems which can be used as Trojan tools to access sensitive files.
Regarding cryptocurrencies in the federal banking system, the OCC has asked institutions to approach the sector with a “high degree of caution,” and reach out to the appropriate supervisory office before “engaging in crypto-related activity.”
According to the report, credit risks for banks are at a moderate level mostly due to appropriate risk management measures employed by the institutions and government programs that have softened the blow from the pandemic, although “weak loan demand and low net interest margins (NIM) continue to weigh on performance.”