10 Things Your Credit Union Should Know About Ransomware Response

The cybersecurity headlines last week were breathtaking — and not in a good way. A ransomware gang, appropriately calling itself “Grief,” boasted that it had hacked the National Rifle Association. The Treasury Department says an affiliated group stole more than $100 million from financial institutions in recent years. The message is clear: credit unions should continue to do everything possible to prevent such attacks and must also have an incident response plan in case they occur.

“These cyber-attacks have no boundaries and are truly a global issue. Ransomware has grown in frequency and severity and extortion demands have risen significantly. A ransomware incident is one of the most disruptive and costly attacks your organization can suffer,” said Derek Laczniak, CIC, Director-Cyber Liability at M3 Insurance.

Laczniak, who leads the cyber liability strategic relationship with M3 and CUNA Mutual Group, adds, “There’s no foolproof way of preventing ransomware attacks from occurring; however, there are a number of things to know to help you be prepared.”

CMG’s Ransomware Checklist includes these recommendations:

  1. Know who is on your response team. Are the appropriate individuals and stakeholders involved and ready?
  2. Have multiple forms of communication. Take uninfected systems offline to avoid the spread of an attack.
  3. Prepare to make decisions about voluntarily taking systems offline. Prioritize a list of critical systems ahead of time.
  4. Be prepared with an internal communications plan.
  5. Do not allow employees to reach out to the threat actor themselves. Negotiations with criminals require expertise and can change the dynamic of negotiations quickly.
  6. Expect to sign two critical documents in the first 24 hours. Your breach coach will need an engagement letter, and your forensic team will provide a statement of the work that includes both your firm and your coach’s firm, and the scope of work.
  7. You will not need to have your own cryptocurrency on hand.
  8. You will need underwriting approval to pay ransom.
  9. Know your backups and understand they may not always be the answer.
  10. Think about external communications. Who needs to be told, and when?

If you would like to discuss ransomware or cyber risks in more detail, reach out to the Strategic Link Team and they will arrange a meeting for you with CUNA Mutual Group’s Risk Consultant. Additionally, you can learn more about CUNA Mutual Group online.
