Category: Uncategorized

Why Ransomware in Financial Service Organizations Is So Dangerous

Ransomware is a growing threat to businesses and institutions worldwide, increasing in frequency and cost. In 2022, 71% of organizations worldwide were victimized by ransomware, up from just over 55% in 2018. Financial services institutions are particularly at risk of being targets in these attacks. The volume and value of a financial service organization’s data are attractive targets for ransomware criminals. These institutions store and handle significant quantities of personal information and have numerous entry points for an attack.

Although financial institutions are vulnerable to the threat of ransomware, they can take steps to mitigate the risk. Learn about the dangers of ransomware for your financial institution and how to prevent an attack. 

What Is Ransomware in Financial Services?

Ransomware in financial services is a type of cybersecurity attack involving malware that attacks and encrypts files within a financial service institution’s network. Ransomware is a type of malware that encrypts and holds hostage files on a device. The ransomware renders the files and potentially the computer unusable, and the attacker demands a ransom in exchange for restoring the data. Ransomware in financial services specifically targets financial services institutions like banks, credit unions, financial advisors, insurance companies and more.

Ransomware attacks on financial institutions are serious and prevalent. A recent report found that ransomware attacks on financial services organizations in America increased to 55% in 2021, up from 34% in 2020. The average cost of remediation in the industry was $1.59 million, higher than the $1.4 million global average. One of the most significant recent ransomware attacks on financial institutions in the United States was the attack on insurance firm CNA Financial, which exposed the personal information of over 75,000 people. 

The Impact of Ransomware on Financial Institutions 

Ransomware has the potential to significantly harm a financial institution’s data integrity, reputation and finances. Consider the dangers of ransomware in this industry:

Lost Access to Critical Systems and Data

One of the most significant threats of a ransomware attack is the loss of access to critical financial systems and data. A ransomware attack could target one of the institution’s vendors — such as call centers, online banking systems or cloud providers — and gain access to their broader infrastructure. From there, cybercriminals can severely limit an organization’s operations. For example, a ransomware attack on a bank may result in encrypted and unusable financial data, crippling the institution’s employee and customer services and business continuity. 

Financial Losses 

Financial institutions that are victims of ransomware attacks often suffer heavy monetary losses. Although paying a ransom does not guarantee that a financial institution will receive its decrypted files or remain free from another ransomware attack, many institutions feel it is their only option. According to reports about the ransomware attack on CNA Financial, the company paid $40 million in ransom. While the Cybersecurity and Infrastructure Security Agency recommends not paying ransoms, some still do. The costs of business interruption can also be high. 

Damage to the Institution’s Reputation

Reputational damage may be unseen but can still significantly impact a financial services institution’s health. Customers who have had their personal information stolen through a ransomware attack on a financial institution may no longer trust the institution and take their business to another company. The institution’s share prices may also decline due to negative publicity, especially if it is found that the institution failed to follow data security protocols.   

The Reasons Why Ransomware Is Particularly Dangerous for Financial Institutions 

Ransomware is one of the most severe cyber threats to organizations in financial services. While other industries are also at high risk, financial institutions have specific characteristics that make them appealing to cybercriminals planning a ransomware attack. Here are a few reasons why ransomware attacks on financial institutions are particularly dangerous:

Sensitive Financial Data 

Financial services institutions handle sensitive personal and financial data for their customers and clients. Much of this information is stored electronically, making it a possible target for a ransomware attack. Financial services organizations store data such as: 

  • Credit card numbers 
  • Savings and checking account numbers 
  • Social Security numbers 
  • Wills 
  • Titles 
  • Estate documents

Reliance on Technology and Financial Systems

Financial services have increasingly adopted digital and cloud-based systems for their daily operations. For example, the percentage of Americans using digital banking rose from 2018 to 2022. Financial services institutions have a huge number of people who do business online and activities that occur digitally. These institutions also tend to work with multiple vendors, from software to banking equipment vendors, all of which could have access to customer data.

Financial institutions have a broad attack surface because of this reliance on technology. The enormous flow of information through a financial institution’s systems presents a challenge to securing and protecting its data.

Potential Disruption to Financial Markets

Ultimately, a ransomware criminal’s motivation for attacking a financial services institution comes down to money. Banks and other financial institutions consistently handle up to millions or trillions of dollars, making them prime targets for criminals interested in enormous payouts. While businesses in different industries also handle large sums of money, financial institutions provide ransomware criminals multiple opportunities for profit.

Steps Financial Institutions Can Take to Prevent Ransomware Attacks

Ransomware is a threat your financial services institution should take seriously. While the likelihood and severity of ransomware attacks on financial institutions have increased, institutions have strategies available to help them prepare for and prevent a ransomware attack. Understanding the nature of the threat can help your institution safeguard its critical data and protect itself from risk.

Here are a few steps that can prevent ransomware attacks on financial institutions:

Implementing Strong Cybersecurity Measures

It is more essential than ever for financial services institutions to put effective cybersecurity measures in place to protect their systems and data. For example, following an IT security checklist helps your institution ensure it takes every effort to prevent a security compromise. This may include steps such as:

  • Assessing vendor risk and strengthening vendor security
  • Installing file-access restrictions
  • Implementing firewalls and anti-malware
  • Patching and updating outdated systems

Training Employees to Recognize and Avoid Ransomware Threats

Another essential step financial services institutions should take to protect their data is training employees in cybersecurity best practices. Ransomware is frequently spread through phishing emails, which mimic trusted stakeholders to solicit sensitive information from employees. Training employees to recognize phishing schemes and report them can help your institution avoid a number of these attacks.

Developing a Response Plan in Case of an Attack

Implementing cybersecurity measures and training employees to recognize and avoid ransomware attacks are helpful methods for preventing an attack. However, businesses can’t prevent every attack, as ransomware constantly evolves. Develop a ransomware response plan in case of an attack to ensure your institution isn’t caught off guard.

Invest in robust disaster recovery solutions and conduct frequent vulnerability tests to spot weaknesses before ransomware attackers exploit them. Avoid paying the ransom and report the attack to the proper authorities within at least 36 hours, as the Federal Deposit Insurance Corporation (FDIC) requires.

Find the Best Cybersecurity Solutions From Morefield

Institutions in the financial services industry must prioritize cybersecurity to protect themselves and their customers from the consequences of ransomware attacks. These attacks can devastate institutions and their clients, leading to financial and reputational damage.

Morefield has decades of experience developing best-in-class IT solutions that are cost-effective, reliable and comprehensive. Our IT services for financial services institutions include security, unified communications and fully managed IT and networking. With over 75 years of industry experience, we have the experience and skills to optimize your systems while complying with industry regulations and providing exceptional customer service. Reach out to our IT experts to talk about your cybersecurity needs and find the best solution.

Exciting news from Altoona

A good sign of a thriving business…. You’ve outgrown your building.

Our Altoona regional office is moving! We have spent many wonderful years in “the old schoolhouse” on Kettle Street, and while we will cherish the memories, we are excited to grow into a new space.

Don’t fret, we love our Altoona community and will not be moving far. Our involvement in the local communities and love for the region is embedded in our history and is a continued focus for our future.

We will be announcing our new location as soon as we are ready for the big move.

Stay tuned for more updates in the coming months!

7 Customer-Facing Technologies to Give You an Advantage

PICPA 2023 Conference: CFO & Cybersecurity Speakers

Morefield at the Pennsylvania Institute Of Certified Public Accountants 2023 Conference

We are honored to have had our Chief Financial Officer (CFO), LeeAnne Stump, and Virtual Chief Information Security Officer (vCISO), Allan Jacks, participate in this year’s conference discussing being a strategic leader and cybersecurity in the financial industry.

LeeAnne teamed-up with Elizabeth Wilson, Chief Financial Officer at Valley National Financial Advisors to discuss the role of CFO: The Strategic Leader and Allan will be leading a session on Cybersecurity: What You Really Need and Why.

Thursday, March 23, 2023

12:25 p.m. – Cybersecurity: What You Really Need and Why

Allan Jacks, Virtual Chief Information Security Officer (vCISO), Morefield

  • Cybersecurity: past and future
  • Discuss a three-pronged approach to cybersecurity: technology, processes, and people
  • Dive into the motivations for cybersecurity; compliance requirements, insurance requirements, privacy requirements (H.R. 8152 (ADPPA), PA HB 2202, PA HB 1126, PA HB 2257) and due care vs. due diligence

3:10 p.m. – CFO: The Strategic Leader

LeeAnne Stump, Chief Financial Officer, Morefield & Elizabeth Wilson, Chief Financial Officer, Valley National Financial Advisors

  • Collaborative strategic alliances – Create, develop, and nurture both internal and external relationships
  • Self awareness – Recognize that it takes a village
  • Knowledge sharing – Get everyone to “think like an accountant”
  • Importance of data – Drive effective decision making
  • Reality check – Viability, value, and resources
  • Stakeholder communication – Know your audience
  • 4 orientations of the CFO role – responder, challenger, architect, transformer

Learn more at –

4 Proven Ways to Mitigate the Costs of a Data Breach

No business wants to suffer a data breach. But unfortunately, in today’s environment, it’s difficult to completely avoid them. Approximately 83% of organizations have experienced more than one data breach. (IBM Security 2022 Cost of a Data Breach Report) These breaches hurt businesses in many ways. First, there is the immediate cost of remediating the breach. Then, there are the lost productivity costs. You can add lost business on top of that, and lost customer trust. A business could also have extensive legal costs associated with a breach. According to IBM Security’s report, the cost of a data breach climbed again in 2022. The global cost of one breach is now $4.35 million, up 2.6% from last year. If your business is in the U.S., the cost rises to $9.44 million. In Canada, the average data breach costs companies $5.64 million. Costs for smaller companies tend to be a little lower. But breaches are often more devastating to SMBs. They don’t have the same resources that larger companies do to offset all those costs. It’s estimated that 60% of small companies go out of business within six months of a cybersecurity breach. Companies don’t need to resign themselves to the impending doom of a data breach. There are some proven tactics they can take to mitigate the costs. These cybersecurity practices can limit the damage of a cyberattack. All these findings come from the IBM Security report. They include hard facts on the benefits of bolstering your cybersecurity strategy.

Cybersecurity Tactics to Reduce the Impact of a Breach

Use a Hybrid Cloud Approach

Graph from: IBM Security/Ponemon Institute 2022 Cost of a Data Breach Report

Most organizations use the cloud for data storage and business processes. Researchers found that 45% of all data breaches happen in the cloud. But all cloud strategies are not created equally. Breaches in the public cloud cost significantly more than those in a hybrid cloud. What is a hybrid cloud? It means that some data and processes are in a public cloud, and some are in a private cloud environment. What some may find surprising is that using a hybrid cloud approach was also better than a private cloud. Graph from: IBM Security/Ponemon Institute 2022 Cost of a Data Breach Report

Put in Place an Incident Response Plan & Practice It

You don’t need to be a large enterprise to create an incident response (IR) plan. The IR plan is simply a set of instructions. It’s for employees to follow should any number of cybersecurity incidents occur. Here is an example. In the case of ransomware, the first step should be disconnecting the infected device. IR plans improve the speed and effectiveness of a response in the face of a security crisis. Having a practiced incident response plan reduces the cost of a data breach. It lowers it by an average of $2.66 million per incident.

Adopt a Zero Trust Security Approach

Zero trust is a collection of security protocols that work together to fortify a network. An example of a few of these are:

• Multi-factor authentication

• Application safelisting

• Contextual user authentication

Approximately 79% of critical infrastructure organizations haven’t adopted zero trust. Doing so can significantly reduce data breach costs. Organizations that don’t deploy zero trust tactics pay about $1 million more per data breach.

Use Tools with Security AI & Automation

Using the right security tools can make a big difference in the cost incurred during a data breach. Using tools that deploy security AI and automation brought the biggest cost savings. Data breach expense lowered by 65.2% thanks to security AI and automation solutions. These types of solutions include tools like advanced threat protection (ATP). They can also include applications that hunt out threats and automate the response.

How to Get Started Improving Your Cyber Resilience

Many of these ways to lower data breach costs are simply best practices. You can get started by taking them one at a time and rolling out upgrades to your cybersecurity strategy. Working with a trusted IT provider, put together a roadmap. Address the “low-hanging fruit” first. Then, move on to longer-term projects. As an example, “low-hanging fruit” would be putting multi-factor authentication in place. It’s low-cost and easy to put in place. It also significantly reduces the risk of a cloud breach. A longer-term project might be creating an incident response plan. Then, you would set up a schedule to have your team drill on the plan regularly. During those drills, you could work out any kinks.

Need Help Improving Your Security & Reducing Risk?

Working with a trusted IT partner takes a lot of the security burden off your shoulders. Give us a call today to schedule a chat about a cybersecurity roadmap.



Article used with permission from The Technology Press.

Sign Up for Our Newsletter