Monthly Archives: July 2016

FBI Article: Ransomware

ransom

We receive a lot of positive feedback when we run articles from the FBI’s cyber crime division. We’re pleased the Bureau has encouraged us to share their articles on this topic, so we want to share a recent post from their website about ransomware. Ransomware refers to a malware that restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network. We hope this article is helpful to you. Please let us know if you have information or ideas on this topic that our readers may want to hear.

You can find this article, as well as many other articles you may find valuable to keep your business and staff secure against cybercrime, at this web address: https://www.fbi.gov/investigate/cyber↗

For more information about fraud protection tools and product features provided by The Biltmore Bank of Arizona, please visit our website.

Ransomware 

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation. Home computers are just as susceptible to ransomware and the loss of access to personal and often irreplaceable items— including family photos, videos, and other data—can be devastating for individuals as well.

In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. And in newer instances of ransomware, some cyber criminals aren’t using e-mails at all—they can bypass the need for an individual to click on a link by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.

The FBI doesn’t support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee an organization that it will get its data back—there have been cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.

So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

  • Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
  • The creation of a solid business continuity plan in the event of a ransomware attack.

Tips for Dealing with Ransomware. While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

screen-shot-2016-09-28-at-7-28-21-pm


↗ Linking to Non-Biltmore Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Biltmore Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Biltmore Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Biltmore Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Twelfth Consecutive 5-Star “Superior” Rating for Grandpoint Bank and The Biltmore Bank of Arizona

5-star-logo-MAR-2016Grandpoint Bank and its divisions, The Biltmore Bank of Arizona, Bank of Tucson and Regents Bank, received a twelfth consecutive quarterly 5-Star “superior” rating from independent rating and research firm BauerFinancial,↗ which is regarded as “the nation’s bank rating service.”

The five-star rating, which was based on March 31, 2016 financial data filed with the government, goes only to banks that are considered the strongest in the nation, as assessed for strength, stability and soundness.

According to BauerFinancial, to earn five stars, institutions are required to maintain a tangible capital ratio of at least four percent, a tier 1 risk-based capital ratio of at least four percent and a total risk-based capital ratio of at least eight percent. Other criteria evaluated include: profitability/loss trend, evaluating the level of delinquent loans and repossessed assets, the market versus book value of the investment portfolio, regulatory supervisory agreements, the community reinvestment rating (CRA) and liquidity.

Banks cannot pay to be rated nor opt out of being rated by BauerFinancial. Four- and five-star banks appear on BauerFinancial’s Recommended Report.

screen-shot-2016-09-28-at-7-28-21-pm


↗ Linking to Non-Biltmore Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Biltmore Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Biltmore Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Biltmore Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Happy Independence Day

4th of july banner

In observance of our nation’s birthday, we wish everyone a happy 4th of July.

In honor of the holiday, we’d like to share some history about the American flag with you from usa-flag-site.org↗:

On January 1, 1776, the Continental Army was reorganized in accordance with a Congressional resolution which placed American forces under George Washington’s control. On that New Year’s Day the Continental Army was laying siege to Boston which had been taken over by the British Army. Washington ordered the Grand Union flag hoisted above his base at Prospect Hill. It had 13 alternate red and white stripes and the British Union Jack in the upper left-hand corner (the canton).

In May of 1776, Betsy Ross reported that she sewed the first American flag.

On June 14, 1777, in order to establish an official flag for the new nation, the Continental Congress passed the first Flag Act: “Resolved, That the flag of the United States be made of thirteen stripes, alternate red and white; that the union be thirteen stars, white in a blue field, representing a new Constellation.”

Between 1777 and 1960, Congress passed several acts that changed the shape, design and arrangement of the flag and allowed for additional stars and stripes to be added to reflect the admission of each new state.

  • Act of January 13, 1794 – provided for 15 stripes and 15 stars after May 1795.
  • Act of April 4, 1818 – provided for 13 stripes and one star for each state, to be added to the flag on the 4th of July following the admission of each new state, signed by President Monroe.
  • Executive Order of President Taft dated June 24, 1912 – established proportions of the flag and provided for arrangement of the stars in six horizontal rows of eight each, a single point of each star to be upward.
  • Executive Order of President Eisenhower dated January 3, 1959 – provided for the arrangement of the stars in seven rows of seven stars each, staggered horizontally and vertically.
  • Executive Order of President Eisenhower dated August 21, 1959 – provided for the arrangement of the stars in nine rows of stars staggered horizontally and eleven rows of stars staggered vertically.

Today the flag consists of thirteen horizontal stripes, seven red alternating with 6 white. The stripes represent the original 13 colonies, the stars represent the 50 states of the Union. The colors of the flag are symbolic as well: Red symbolizes Hardiness and Valor, White symbolizes Purity and Innocence and Blue represents Vigilance, Perseverance and Justice.

screen-shot-2016-09-28-at-7-28-21-pm


↗ Linking to Non-Biltmore Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Biltmore Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Biltmore Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Biltmore Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp