Citing “increased geopolitical tension”, banks are warned to immediately reevaluate to shore up cybersecurity controls and technology safeguards against ransomware and malware attacks.
As part of a proactive effort to ensure financial institutions are secure against impending cyber threats, the FDIC issued a warning about potential attacks that can only be assumed to be the result of relations between the U.S. and Iran. The FDIC is encouraging U.S. institutions to have both preventative measures and a “worst-case scenario” response plan.
According to the FDIC, two specific attack vectors were mentioned:
- Through the use of malware-infected storage devices, such as USB drives
- By “compromising user credentials and introducing malware through social engineering financial institution employees and contractors with phishing or spear phishing attacks”
Of the two, the latter is far more probable, as attackers never need to physically be anywhere near the targeted institution.
Because of the prevalence for phishing and spear phishing attacks used as the entry point for malware and ransomware-based attacks, the FDIC recommends the following guidance:
- Continual user Security Awareness Training for “recognizing cyber threats, phishing, and suspicious links”
- Phishing testing as a feedback loop to measure “the effectiveness of such cybersecurity training programs”
Even in times when there is not specific geopolitical threat of concern, financial institutions always need to be on alert. Trojan malware such as Emotet are specifically design to target financial institutions. While the FDIC’s warning should definitely be heeded, the reality is banks are a constant target.