New York Department of Financial Services Issues New Guidance to Financial Services Orgs to Counter Ransomware



NYDFS offers up sound best practices in addition to their recently released Cyber Insurance Risk Framework based on recent attack investigations, finding repeated use of “the same handful of techniques.”

The increase in ransomware attack frequency and success has caused massive premium increases over the last two years and has put pressure on insurers to assess the cybersecurity measures of insured organizations more rigorously. New York’s DFS seeks to help financial service organizations with new guidance that specifically counters the ransomware epidemic, listing the security controls they believe can stop most ransomware attacks. These include:

  1. Email Filtering and Security Awareness Training – Both of these result in filtering. The first is a technology that eliminates the obvious phishing emails. The second leaves it up to the human element to see a phishing email for what it really is, thereby stopping an attack before it starts.
  2. Vulnerability/Patch Management – DFS recommends orgs “identify, assess, track, and remediate vulnerabilities on all enterprise assets within their infrastructure.”
  3. Multi-Factor Authentication – Currently, MFA for remote access to the network and all externally exposed enterprise and third-party applications is required by 23 NYCRR § 500.12. The DFS recommends it for all privileged accounts as well.
  4. Disable RDP Access – this should be obvious by now, as RDP compromise is the primary attack vector in 59% of attacks.
  5. Password Management – strong, unique passwords should be in use; vaulting privileged credentials and disabling password caching are also recommended.
  6. Privileged Access Management – some form of least privilege should be implemented, and a periodic inventory of all privileged accounts should be audited.
  7. Monitoring and Response – the ability to monitor systems for intruders and respond to suspicious activity should be in place, along with EDR to quarantine and potentially stop ransomware from executing.

