FFIEC: Ways to ID, mitigate cyberattacks that use malware

March 30, 2015
WASHINGTON (3/31/15)--Information on how financial institutions can identify and mitigate compromised user credentials and malware was released Monday by the Federal Financial Institutions Examination Council (FFIEC), the interagency body of U.S. federal financial regulators.

According to the FFIEC, theft of credentials and the introduction of malware are two types of cyberattacks that have been increasing in frequency and severity over the past two years.
Compromised user credentials can belong to consumers, employees or third parties, and can be used to gain access to secure systems or to obtain system credentials that allow broader access.
Malware can be introduced by downloading attachments, visiting compromised websites, connecting external devices such as USB drives, or through direct installation on a system by unauthorized parties using stolen credentials.
In accordance with FFIEC guidance, all financial institutions should:
  • Securely configure systems and services;
  • Review, update and test incident response and business continuity plans;
  • Conduct ongoing information security risk assessments;
  • Perform security monitoring, prevention and risk mitigation;
  • Protect against unauthorized access;
  • Implement and test controls around critical systems regularly;
  • Enhance information security awareness and training programs; and
  • Participate in industry information-sharing forums, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC).
The FFIEC has also posted a number of resources online with information designed to strengthen user awareness of safe online practices.
According to the FFIEC, the statements released Monday do not contain new regulatory expectations--they are intended to alert financial institutions to specific risk mitigation steps.