offered by
Industry Letter

Industry Letter Ransomware

To the Chief Executive Officer Addressed:

Ransomware is a form of malicious software (malware) that typically encrypts data, making it inaccessible until a fee (ransom) is paid to the criminals.  Several financial institutions across the country have been the targets of such attacks.  Ransomware is one of the fasting growing forms of malware and warrants the attention of Chief Executive Officers as well as all institution personnel.

The attached document from the FBI’s Cyber Division provides information about this threat and options for managing it.  It includes some technical aspects of prevention; as such, technical staff should be consulted to determine which suggestions are practical for your institution’s operations.

NOTE: The FBI document should not be shared with media or posted on any publicly accessible website; however, the information can be shared with external firms that provide your technical support.

Additionally, the Federal Financial Institutions Examination Council (FFIEC) released two joint statements in 2015 that include controls that could help mitigate the risks of ransomware.  They contain many technical suggestions and, while your staff may have reviewed those documents last year, this information should be reviewed again in light of the increasing incidents of ransomware hitting financial institutions.

Cyber threats will continue to plague us in the coming years.  I encourage you to continue developing a culture of security within your institution.  If you have any questions about the attached notice or other documents related to cybersecurity, please contact Regional Field Manager Holly Chase via email at Holly.Chase@state.ma.us or at (617)956-1500 extension 409.

Sincerely,

 

David J. Cotney

Commissioner of Banks

Table of Contents

Feedback

Did you find what you were looking for on this webpage? * required
We use your feedback to help us improve this site but we are not able to respond directly. Please do not include personal or contact information. If you need a response, please locate the contact information elsewhere on this page or in the footer.
We use your feedback to help us improve this site but we are not able to respond directly. Please do not include personal or contact information. If you need a response, please locate the contact information elsewhere on this page or in the footer.

If you need to report child abuse, any other kind of abuse, or need urgent assistance, please click here.

Feedback