WASHINGTON—Members of the Federal Financial Institutions Examination Council Tuesday issued a joint statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion.
Cyber attacks against financial institutions to extort payment in return for the release of sensitive information are increasing, the agencies said.
“Financial institutions should address this threat by conducting ongoing cybersecurity risk assessments and monitoring of controls and information systems. In addition, financial institutions should have effective business continuity plans to respond to this type of cyber attack to ensure resiliency of operations,” the agencies stated.
Banks and credit unions are also encouraged to notify law enforcement and their primary regulator or regulators of a cyber attack involving extortion, the release stated.
To access the statement, which includes the complete steps FIs should consider to protect against cyber attacks involving extortion, click here.
More information about financial institution cybersecurity, including information about mitigating the effects of destructive malware and other threats, is available from the FFIEC at www.ffiec.gov/cybersecurity.htm.
FFIEC members are: NCUA, FDIC OCC, Federal Reserve and the CFPB.