Bringing you live news and features since 2006 

George Ralph, RFA

What can the financial services sector learn from the WannaCry ransomware attack?


By George Ralph (pictured), RFA​ – The aptly named WannaCry cryptoworm, is working its way around the world, encrypting data and demanding ransom payments in the cryptocurrency, bitcoin.

The attack was global in scale, and brought parts of the NHS to a standstill, along with Telefonica in Spain, FedEx, Deutsche Bahn and LATAM Airlines, to name a few.
For financial services firms, WannaCry is a wakeup call, because although the sector seems to have escaped relatively unscathed, so far, the next attack is just around the corner, and:
1) WannaCry has all the signs of an amateur attack. The relatively easy to find “kill switch” hidden in the code. The apparently manual ransom payment mechanism, whereby victims were sent an individual code generated by the hackers. Not conducive to a well organised, slick, global attack and more indicative of a trial run by some inexperienced cyber criminals. The small number of bitcoin payments received so far, which can be publicly seen by anyone. All of this points to an amateur attack, which is terrifying if you think about the damage a well-executed, professional attack could do.
2) WannaCry did not target the NHS in particular, or choose countries to attack. It was a phishing attack aimed at Microsoft operating systems, which is indiscriminate. Phishing attacks like WannaCry rely on human error. People are people across the world, so this is a stark warning to up the ante, with regular staff training on cybersecurity best practices, to update your policies and procedures regularly, and in an engaging way. However you choose to get the message across to users, make sure you do. They are your weakest point.
3) Patching alone is not the answer. By its nature, patching is reactive, not proactive or preventative. That said you should still ensure security patches are installed and maintained as a first line defence. WannaCry uses the EternalBlue exploit and DoublePulsar backdoor to spread through local networks and remote hosts that have not been updated with the most recent security updates, to directly infect any exposed systems. A patch was developed by Microsoft two months ago, but many organisations haven’t yet applied it. 
4) IT departments need to do their bit. Encourage users to back up files and data to a central location, which is managed, secured and encrypted by you, the IT department, who will of course have a multi-layered, comprehensive cybersecurity strategy in place… If the worst happens, you won’t lose any critical data, customers’ data won’t fall into the wrong hands and you won’t fall foul of the regulatory bodies.
5) Cybercrime is a profitable business. Organisations selling monthly subscriptions to vulnerabilities kits, and easy access to malicious code make it an attractive proposition, so beware.

Latest News

After a remarkably difficult 2022, fixed-income funds look to be back in favour with Europe’s investors as inflation fears begin..
CoinShares has announced the addition of two physically-backed Index ETPs to their growing range of crypto ETPs listed on Germany’s..
Just the two European launches this week with Fidelity bringing us a global government bond climate aware UCITS ETF and..
Ten new ETF solutions were launched for the week, each with a distinct value proposition for investors.  Detailed below are..

Related Articles

Vishal Kapoor, Bandhan Mutual Fund
ETF Express reported on a couple of ETF launches in India over the last couple of weeks, including the new...
ETF Awards
We are very pleased to bring you the winners in the 13th outing of the ETF Express European ETF Awards,...
Off the Record Episode 1
ETF Express is pleased to announce the launch of Off the Record, a new podcast series, in partnership with Truss...
Subscribe to the ETF Express newsletter

Subscribe for access to our weekly newsletter, newsletter archive, updates on the site and exclusive email content.

Marketing by