Are You Taking Steps To Avoid Ransomware Attacks?
WHAT HAPPENED?
Earlier this month, the Office of Compliance Inspections and Examinations of the United States Securities and Exchange Commission (OCIE) issued a Risk Alert which outlines best practices for maintaining a secure network; the United States Cybersecurity and Infrastructure Agency (CISA) issued a similar alert addressing recent phishing and ransomware risks across the financial industry and beyond; and last week, a major cybersecurity breach affected several financial industry vendors and firms.
Phishing is a cybersecurity threat in which a cybercriminal tricks users into clicking infected links or gathering other information through social engineering schemes. One result is the installation of ransomware on a device, which requires an individual or institution to pay a ransom, often through difficult to trace means like cryptocurrency, to regain control of a system.
The outcome of these attacks can be devastating to a business’s information security infrastructure and compromise sensitive information of the individuals affected. All of this can be extremely expensive to correct. Below are some key takeaways from OCIE’s Risk Alert and other recent cybersecurity events.
KEY TAKEAWAYS
The OCIE Risk Alert outlines tactics and reminders for market participants maintaining client records and other personally identifiable information (PII):
- Draft and maintain comprehensive incident response and contingency plans.
- Account for various scenarios where systems may be compromised and include procedures for communicating the event to stakeholders, reporting the incident to required regulatory bodies, and contacting the appropriate law enforcement.
- Focus on operational resiliency.
- Prioritize your firm’s capacity for restoring and operating critical applications in the event of a security breach to ensure essential business functions can continue.
- Train employees to recognize potential threats.
- The largest threat to a network’s security is human error. Investing in training employees to avoid phishing attacks can save time and expense and protect the data of your business and clients.
- Regularly scan systems for vulnerabilities and implement a patch management program.
- All systems should have anti-malware solutions installed, be updated regularly, and set to automatically scan for potential threats.
- Properly manage and maintain user access rights.
- The fewer individuals able to access sensitive data, the more secure systems are overall. By regularly reviewing employee access rights, and properly revoking access upon employee reassignment or termination of service, systems will be less vulnerable to data breaches.
- Secure the perimeter of your network to control traffic.
- Some of these measures include firewalls, email security capabilities, and implementing a remote desktop protocol through a virtual private network connection.
Other Breaches in the News
- A recent CISA emergency directive warns of a new vulnerability affecting all versions of Microsoft Windows Servers with the Domain Name System role enabled. This vulnerability could affect large swaths of the public and private sectors if not addressed. However, Microsoft created a patch for the issue which is automatically applied to systems during the routine updating process.
- Last week, a massive ransomware attack effectively targeted the systems of M.J. Brunner, a key vendor for SEI Investments. M.J. Brunner was asked to pay a ransom to attackers but refused. Those orchestrating the attack responded by posting client information online. The breach compromised the data of clients from several investment advisory firms and mostly affected SEI clients managing pension funds, endowments, and wealthy families.
WHAT DOES THIS MEAN FOR ME?
Establishing and maintaining appropriate cybersecurity measures should always be a top priority for firms. It is more than likely your business will be the target of phishing campaigns and other cybercrimes, but a security breach can be avoided with proper planning and training.
There are several steps a business can take to ensure their network is secure, such as:
- training employees to recognize risks;
- conducting due diligence on key vendors’ cybersecurity before engaging in data sharing; and,
- regularly testing a network to find and patch vulnerabilities.
Fairview can assist your business with drafting, adopting, and maintaining a custom cybersecurity program to protect against bad actors looking to compromise data. Contact Fairview today to learn more about how we can help protect your firm and clients’ data.