CUNA News
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • LOG IN
  • Create Account
  • Sign Out
  • My Account
  • Topics
    • Community Service
    • Compliance
    • Credit Union Hero
    • Credit Union Rock Star
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • COVID-19
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Jobs
  • Contact

News

Home » How to detect and prevent ransomware
Technology

How to detect and prevent ransomware

Ward off attacks with proper password hygiene and other approaches.

September 12, 2018
Bill Merrick
No Comments
How to detect and prevent ransomware
Chris Schatz (left) and Peter Misurek described the “anatomy of a ransomware attack” during the CUNA Technology Council’s 5th Annual Security Summit.

The financial services industry has been plagued with several notable ransomware attacks over the past couple of years, according to Chris Schatz, senior penetration tester for Info@Risk.

These include:

  • CryptoLocker, which encrypts files on the compromised computer and then prompts the user to pay for a password to decrypt them.
  • WannaCry, a ransomware “worm” that spread across many computer networks.
  • NotPetya, a far-ranging malware that affected several global companies.
  • BadRabbit, a “drive-by” attack that tricks victims into downloading malware disguised as common applications, typically via fake Flash updates.

Common infection methods include malicious emails and attachments, vulnerable services such as SMB, malicious web pages, “malvertising,” and corrupt media such as USB drives and CDs, says Schatz, who conducted a threat simulation exercise.

On the flip side, credit unions can take certain detection and preventive measures to ward off these threats, says Peter Misurek, senior information security engineer for Royal Credit Union in Eau Claire, Wis.

Tools to spot compromises include enabling process execution auditing, part of which entails configuring reports and rules to monitor suspicious process executions, Misurek says.

He also advises centrally logging network traffic and monitoring domain name server traffic.

Misurek says credit unions can help prevent comprises by:

  • Practicing proper password hygiene and enforcing strong passwords.
  • Limiting storage of cached credentials.
  • Restricting inbound and outbound internet protocol traffic to only what’s required to do business.
  • Implementing geo-based traffic blocking.

Misurek and Schatz addressed the CUNA Technology Council’s 5th Annual Security Summit Wednesday in San Francisco.

►Click here for more conference coverage from CUNA News, and get live updates on Twitter via @cumagazine, @CUNA_News, @CUNACouncils, and by using the #TechCouncil and #OMECouncil hashtags. Learn more about the CUNA Councils, a member-led professional society for credit union executives, at cunacouncils.org.

KEYWORDS CUNA Technology Council cybersecurity

Post a comment to this article

Report Abusive Comment

Credit Union Magazine: Winter 2022

Winter 2022

Credit Union Magazine’s Winter 2022 issue highlights data-driven marketing, the board’s role in cybersecurity, elder abuse scams, credit unions’ auto lending advantage, and more.
Digital Edition •  Subscribe

Trending

  • Reps introduce bipartisan Credit Union Board Modernization Act

  • Compliance: Experts analyze NCUA’s 2023 supervisory priorities

  • CFPB must convene SBREFA panel for credit card fee rulemaking

Tweets by CUNA_News

Polls

How do you feel about the economy in 2023?

View Results
More

Champion for the Credit Union Movement

Credit Union National Association is the most influential financial services trade association and the only national association that advocates on behalf of all of America's credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • Membership
  • Contact Us
  • Careers

Resources for

  • Credit Union Advocates
  • Leagues
  • Press
  • Providers

Our Affiliates

  • American Association of Credit Union Leagues (AACUL)
  • Credit Union Awareness
  • Credit Union House
  • CUNA Strategic Services
  • National Credit Union Foundation
GET CUNA UPDATES
© 2023 Credit Union National Association | ADA Compliance Notice & Legal
Email Us