The globalized threat of ransomware and what your organization can do to combat it
Michael Kirby II, Head of Managed Risk and Security Services, FIS
March 14, 2022
With state-run banks and military agencies being targeted, the recent Russian-led attacks in Ukraine have brought the issue of cybersecurity to the forefront, exposing vulnerabilities at the highest levels. As a result, multiple government cybersecurity agencies have released notices to the financial sector to strengthen cyber defenses in anticipation of broader cyberattacks to come. This comes on the heels of a report stating that ransomware attacks have netted $700 million for cybercriminals in 2021 alone. There are highly motivated cybercriminals who have realized that easy gains and a lot of money can be made today. And they are no longer just targeting large or well-known organizations.
Organizations of all type and size are fair game
Released in February 2022, the joint Cybersecurity Advisory from cybersecurity authorities in the United States, Australia and the United Kingdom pointed out some alarming trends, but also provided recommendations to mitigate cybersecurity risks in today’s volatile threat landscape. One consistent recommendation is to have an offline backup of critical data, and FIS’ Data Restore, a Sheltered Harbor solution, offers financial institution clients just that. And we have a new cybersecurity solution for both FI and merchant organizations too. Read on to find out more.
We are seeing a shift away from “big game hunting” since 2021, with cybercriminals now targeting small to mid-sized organizations with potentially lower levels of security and less likelihood of showing up on the United States’ or other governments’ radars as they are easier and less conspicuous targets.
Larger firms usually have more sophisticated security and more skin in the game when it comes to compliance. It is not uncommon for smaller, regional banks and other organizations of a similar size to not have as robust cybersecurity protocols. We saw this become especially prevalent during the pandemic where the need to get employees up and running to work from home quickly, and/or implement new online methodologies to serve customers, became imperative. In handling the need at hand, this rapid change meant that security was not always top of mind for all organizations. Not having the most secure network configurations or putting off requisite protocols to handle later down the line meant that cybercriminals had a much easier time generating attacks and new threats. The data is clear: the rate of ransomware is on the rise, and it isn’t slowing down anytime soon.
Organizations need to be proactive, not reactive
In such a climate, organizations of all types and sizes need to be on guard and more vigilant than ever before. From an elevated risk of distributed denial of service (DDoS) attacks to the availability of Ransomware as a Service (RaaS), a relatively new phenomenon, the risks are plentiful. To stay afloat and out of the headlines, organizations need to be proactive, not reactive, in their approach to cybersecurity. The speed needed to stay ahead of today’s cyber adversaries creates a tremendous amount of churn and can be beyond the capability of smaller financial institutions and merchants that do not have a dedicated cybersecurity expert, much less team, to rely on for consistent expertise and reliable, 24/7 security monitoring. A cutting-edge cybersecurity solution, alongside the expertise of a trusted partner who can take on some of that heavy lifting, can be the most comprehensive, yet turnkey, option available. A trusted cybersecurity partner can help organizations stay on top of cybersecurity threats through advanced prevention, detection and real-time response, rather than the organization attempting to respond to an event on its own.
The FIS security difference
FIS is that partner for your organization, providing decades of experience as a comprehensive security provider and financial ecosystem expert and relationships with over a million merchants worldwide. Additionally, FIS launched its internal Cyber Resilience program throughout every layer of our organization. Increased monitoring for anomalous activity and responding to indicators of compromise (IoCs) provided by our intelligence partners are key components of this approach. We are incorporating all recommendations from the world’s top cybersecurity authorities into our security controls and deploying requisite countermeasures to stay ahead of the curve. FIS directly applies our advanced security posture to that of our clients, in turn keeping them safe with the same set of people, processes and tools used to keep our organization safe worldwide.
Our global team of cybersecurity professionals utilizes cutting-edge solutions (that we use ourselves for our own products and services) to process trillions of raw security logs, which generates billions of complex events and millions of automated actions to protect our customers and their assets. With FIS Managed Security Services (MSS), clients are assured of first-grade security on their servers, workstations and laptops – the same security that secures the world’s transactions.
The FIS MSS Suite is an end-to-end set of solutions, of which FIS Managed XDR is the newest resource for comprehensive system security, allowing organizations to rapidly detect, analyze, investigate and actively respond to cyber threats with mitigation and containment. This next-generation solution is a cloud-native, lightweight, easy-to-implement cybersecurity solution that is managed by FIS cybersecurity experts. When using FIS Managed XDR, you can rely on the comprehensive financial ecosystem security expertise of FIS to control and secure your technology platform, providing you with peace of mind and the confidence of proactive protection.
In the face of growing and constantly changing threats from cybercriminals, it’s time to protect your organization and your customers.