Can Ransomware Attacks Be Prevented In Banks?
Cyber awareness training has become significant nowadays because so many employees are working from home. Banks had stipulated rules for their employees to work from home on alternate days, so all banking officers will be working from an office on some day or other, and hence cybersecurity is an important concern.
Ransomware attacks have indeed been happening in smaller Indian banks due to the paucity of proper IT training etc., making them more vulnerable to such attacks. Banks that have been victims of ransomware attacks have had to pay a massive amount of money to get their data access restored. Relevant examples of ransomware attacks happened in India in 2020; for example, Nav Jeevan Co-operative Bank of Maharashtra had its systems compromised by the Egregor ransomware. The criminals who caused this attack dared to leak one of the bank’s data files equivalent to 230 MB in size on the dark web.
Egregor is a dangerous malware which when loaded into the PC, ensures that all the data files are blocked from access. This malware makes sure that the user can't gain any access to his files by disabling this software because it ensures that all the antivirus software on the PC is put out of action. The banks have to take the following precautions to prevent such kinds of attacks:
1. Training Employees About How Hazardous Phishing Emails Are
For non-IT employees, such training is crucial because attackers can use novel ways to attack the systems. They can be trained about whom to contact in case they have an issue with any new email etc. So, banks have to make sure that their employees refrain from opening any phishing emails.
When an employee opens a phishing email, he may be downloading ransomware onto his system. The banking employees are also vulnerable because they can open phishing emails. These fraudulent emails claim to contain some necessary information about the prevention of the pandemic. But these emails contain malicious links, and by clicking on them, the employees download ransomware on their systems. These files are disguised as .mp4, .docx or .pdf files, but they are .exe files.
2. Importance Of OS Updates
Also, employees should be educated about the importance of installing upgrades on their operating systems. This is extremely important because the Windows firewall can protect you against such attacks. Hence, the employees must never turn the Windows updates off.
3. Erase The Credentials Of Former Employees
The IT staff of a company also needs to be included in such cyber awareness training because they need to remove the access credentials of former employees. After all, they may be frustrated with the company and can use their login IDs and passwords to deploy ransomware by accessing their systems. It's because once the bank's data access has been blocked by hackers, customers can lose trust in the bank. The worst part is that hackers are providing ransomware kits to smaller hackers.
4. Check Everyone Thoroughly
Smaller banks can make sure that they scrutinize potential customers and vendors. This way, they can make sure that everyone does not get access to the bank's computers. Also, banks have to train employees about how to maintain system backups in case anything unexpected happens. There should be proper incident management procedures established for banking employees so that proper actions can be taken to mitigate the effect of the ransomware attack. Not only the systems of the banking employees but also those of vendors are susceptible to such attacks. Hence, cyber awareness training must be made mandatory for vendors also.
5. Outsource Customer Handling To Protect Such Data
Smaller banks have become cautious about preventing such ransomware attacks and are outsourcing their customer operations so that fewer data remains on their systems. However, the most effective precaution against this is the use of backups because you never know when a service provider's systems will also be infected by ransomware. But when the data has been backed up, you won't bow down to the hacker’s conditions to decrypt the encrypted files.
In cyber awareness training, the banking employees, especially the IT staff, can be given instructions on how to handle this task. For example, they could be asked to create three replicas of every customer database. One copy should be present on the bank’s computers in case transactions are done. But of the rest of the two, one should be with an organization other than the bank.