New York Regulator Issues New Guidance on Growing Ransomware Threat

July 2, 2021

The New York State Department of Financial Services (DFS) has issued new guidance on preventing ransomware attacks. In the guidance, DFS identifies cybersecurity controls that it says reduce the risk of a ransomware attack and should be implemented by companies wherever possible.

“As ransomware attacks continue to surge, implementing cybersecurity measures is critical to protect consumers and business lines,” said DFS Superintendent Linda Lacewell in a DFS press release. “As reported, cybercriminals are not only extorting individual companies but also jeopardizing the stability of the financial services industry. We must all do our part to prevent ransomware incidents.”

The press release stated that ransomware incidents have increased in frequency, scope and sophistication, with the reported rate of ransomware attacks increasing 300% in 2020. It added that larger extortion payments have financed the development of more effective hacking and ransomware tools and have drawn more hackers into the ranks of ransomware groups.

With this in mind, DFS said in the release that it is joining the FBI in recommending that companies avoid making ransomware payments if their networks are compromised.

DFS has examined the ransomware incidents reported by its regulated entities over the past year and a half and has observed that they follow a similar pattern in which hackers enter a victim’s network, obtain administrator privileges once inside and then use those elevated privileges to deploy ransomware, avoid security controls, steal data and disable backups.

DFS is urging all regulated entities to prepare for a ransomware attack by implementing measures such as:

  • Train employees in cybersecurity awareness and anti-phishing;
  • Implement a vulnerability and patch management program;
  • Use multi-factor authentication and strong passwords;
  • Employ privileged access management to safeguard credentials for privileged accounts;
  • Use monitoring and response to detect and contain intruders;
  • Segregate and test backups to ensure that critical systems can be restored in the face of an attack; and
  • Have a ransomware-specific incident response plan that is tested by senior leadership.

DFS has also issued multiple alerts regarding ongoing cyber threats, including the SolarWinds attack, weaknesses in Microsoft Exchange Server and an ongoing cyber fraud campaign identified by the department. A copy of its most recent guidance regarding ransomware can be found on the DFS website.

Source: New York State Department of Financial Services