Are You Confident in Defending Against Cyber Extortion

You’ve probably heard about the successful cyber extortion of a hospital in Hollywood, California. Hackers cracked into the hospital’s database and then electronically locked up the hospital’s systems with malware. The hospital had to pay the extortionists a $17,000 ransom in bitcoins to regain access to the hospital’s own data.

These attacks are also hitting banks; however, due to the huge reputational risk banks face you are not likely to hear about them. The FFIEC has previously warned banks to protect themselves from extortion by computer attacks such as this.

Are you confident with the systems and people your bank has in place to not only prevent and identify this kind of attack but to mitigate the damage if one occurs? Following are a few examples of how these attacks occur.

Distributed Denial of Service (DDoS) Attack

A Distributed Denial of Service (DDoS) attack seeks to jam or substantially slow down your bank’s website, email, Internet access and other Internet-based services by overwhelming your Internet connection or your website with more traffic than it can handle.
Consider the analogy of a bank with 50 inbound phone lines to serve customers. If 100 people were to constantly call your bank and hang up as soon as the call was answered it would be extremely difficult for any legitimate calls to get through to the bank.

When a bank’s website isn’t accessible, email can’t be sent or received and you can’t browse the Internet. The bank also faces operational and reputational risks with its customers, regulators and the general public. DDoS attacks can last hours, days or weeks, causing customers to seek help in person or by phone for transactions that would have normally occurred online. This results in increased demand for customer support from the bank’s staff. Additionally, increased bank management time and IT support costs are incurred to attempt to resolve the situation.
Attackers demand money from the financial institution to stop the attack and allow the bank to get back to normal operations.

Ransomware Attack

Ransomware attacks entice users to open an email attachment or to click on a link that downloads malware that “locks-up” or encrypts data on a computer, shared files or drives that the computer has access to. The attacker then demands payment to unlock the data or provide the decryption key.

Theft of Information

Theft of information is a type of attack that involves an attacker gaining access to confidential information, such as customer data or internal email communications. Target and Sony Pictures were the victims of this type of attack. While an attacker may gain valuable information that can be easily sold or used (such as debit and credit cards numbers in the case of the Target breach), the theft of internal communications may also be embarrassing (such as with Sony Pictures) and cause reputational risks. Attackers can threaten the release of this type of information to extort money from a financial institution.

In the event your bank is the subject of a cybersecurity extortion attempt, consider that payment of a ransom demand does not guarantee that you will obtain what you are wanting. Such a payment may make you a more likely target of such an attack in the future.

The best approach to mitigate these risks is to use a layered approach to security involving Prevention (anti-virus software, Denial of Service attack prevention, spam filtering and employee training are some preventative items that fall into this category), Monitoring (such as 24/7/365 network and event monitoring to rapidly detect threats) and Remediation (including incident response plans, rapid resolution and backups).

Engineered specifically for banks, BankOnIT’s unique combination of systems, processes and people provides banks the capabilities to efficiently manage the risk and cost of information technology while also reducing the amount of time it takes to manage IT. Contact us at, or at 800-498-8877, option 2, to discover how other bankers are getting better results with BankOnIT.