Skip to main content

Protect your organization against ransomware attacks

As the cyberthreat landscape in the electronic payments system continually evolves, the Federal Reserve Banks want to remind you of the importance of reducing the risk of cyberattacks within your organization. Security is everyone’s responsibility, and we encourage your organization to educate your staff on how to stay up to date on security best practices.

Ransomware attacks can happen at any time, regardless of an organization’s size. Ransomware is a type of malware designed to deny access to a computer system or data until a ransom is paid. This type of cyberattack is usually spread through phishing emails or by personnel unknowingly visiting an infected website.

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Agency (CISA) (Off-site) and the FBI’s Ransomware Prevention and Response Document (Off-site) offer helpful tips on ways to help organizations prepare for and respond to ransomware attacks. Some notable tips include:

  • Protect your networks by educating your staff. Educate your employees on how to spot emails from external senders with suspicious links or attachments.
  • Make sure your software and operating systems are updated with the latest patches. Any outdated applications or operating systems are more vulnerable to malware attacks.
  • Keep your system backup separate from your organization’s network and back up data regularly. Be sure to use a backup tool that saves multiple versions of your files so that, if needed, you are able to access the backup before the malware infiltration.
  • Put into place strong spam filters to prevent phishing emails from external senders and configure your organization’s firewalls to block access to malicious Internet Protocol (IP) addresses.
  • Implement a business continuity plan for this type of situation. Ensure your organization has the appropriate backups in place so in the case of an event, your team will be able to restore date from a known clean backup.

What should your organization do if your network becomes infected with ransomware?

  • Keep the infected computer(s) isolated from the network as soon as possible.
  • Secure your organization’s backup data.
  • Change all online account and network passwords after removing the infected system from the network.
  • Contact the Federal Reserve Bank Services Support Center for any security incident involving a FedLine® connection and/or access control feature.

In addition to the guidance provided above by the agencies above, it’s also a good time to review your compliance with FedLine security controls. As a user of FedLine, you also play a role in FedLine’s layered security approach or “defense in depth” and are responsible for establishing and maintaining secure environments in your operations. By adopting similar controls into your enterprise, you can better stay on top of the evolving threat landscape.