On July 10, 2020, the Office of Compliance Inspections and Examinations (OCIE) released a Cybersecurity Ransomware Alert. Specifically, the OCIE Alert referenced recent reports indicating that one or more threat actors have orchestrated phishing and other campaigns designed to penetrate financial institution networks to access internal resources and deploy ransomware.
Specifically, the OCIE Alert referenced an apparent increase in the sophistication of ransomware attacks on SEC registrants. The OCIE also observed ransomware attacks impacting service providers to registrants. Although not specifically mentioned by the OCIE, BW Cyber is aware of successful ransomware attacks against registrants’ IT Managed Service Providers (IT MSP) that SIGNIFICANTLY affected the ability of the registrant to operate.
While the threat of a ransomware attack is not new, BW Cyber Services wants to ensure you are aware of the continued sophistication of these attacks and that heightened attention is paid to the key measures that prevent ransomware attacks or avoid the detrimental effects if your organization is a victim of ransomware. Specifically, we recommend (at a minimum) registrants focus on the following:
- Implement an ongoing phishing attack test program (should be performed quarterly at a minimum).
- Perform annual Penetration Testing and Vulnerability Scanning – to include both external and internal testing. Of note, BW Cyber has become aware of many vulnerability management solutions that are NO LONGER EFFECTIVE due to remote operations.
- Review and test Disaster Recovery (DR) solutions to ensure cloud data is appropriately protected and backed up to mitigate against an IT MSP ransom attack.
- Perform an annual Risk Assessment to meet or exceed Rules S-P, S-ID and SCI.
For more information, please contact us.