How to Detect and Prevent Ransomware01.09.2019
The financial services industry has been plagued with several notable ransomware attacks over the past couple of years, according to Chris Schatz, senior penetration tester for Info@Risk.
Common infection methods include malicious emails and attachments; vulnerable services such as server message block, malicious webpages, and “malvertising;” and corrupt media such as USB drives and CDs, says Schatz.
On the flip side, credit unions can take certain detection and preventative measures to ward off these threats, says Peter Misurek, senior information security engineer for Royal Credit Union in Eau Claire, Wis.
Tools to spot compromises include enabling process execution auditing, part of which entails configuring reports and rules to monitor suspicious process executions, Misurek says.
He also advises centrally logging network traffic and monitoring domain name server traffic.
Misurek says credit unions can help prevent compromises by:
- Practicing proper password hygiene and enforcing strong passwords
- Limiting storage of cached credentials.
- Restricting inbound and outbound internet protocol traffic to only what’s required to do business.
- Implementing geo-based traffic blocking.
(via Credit Union Magazine)
CUNA Council members get a free digital subscription to Credit Union Magazine. Access online or in the mobile app.