|For immediate release||November 3, 2015|
FFIEC Releases Statement on Cyber Attacks Involving Extortion
The Federal Financial Institutions Examination Council (FFIEC) members today issued a statement alerting financial institutions to the increasing frequency and severity of cyber attacks involving extortion.
The statement describes steps financial institutions should take to respond to these attacks and highlights resources institutions can use to mitigate the risks posed by such attacks.
Cyber attacks against financial institutions to extort payment in return for the release of sensitive information are increasing. Financial institutions should address this threat by conducting ongoing cybersecurity risk assessments and monitoring of controls and information systems. In addition, financial institutions should have effective business continuity plans to respond to this type of cyber attack to ensure resiliency of operations.
Financial institutions are also encouraged to notify law enforcement and their primary regulator or regulators of a cyber attack involving extortion.
More information about financial institution cybersecurity, including information about mitigating the effects of destructive malware and other threats, is available from the FFIEC at www.ffiec.gov/cybersecurity.htm.
Attachment: FFIEC Statement on Cyber Attacks Involving Extortion (PDF)
The FFIEC was established in March 1979 to prescribe uniform principles, standards, and report forms and to promote uniformity in the supervision of financial institutions. It also conducts schools for examiners employed by the five federal member agencies represented on the FFIEC and makes those schools available to employees of state agencies that supervise financial institutions. The Council consists of the following six voting members: a member of the Board of Governors of the Federal Reserve System; the Chairman of the Federal Deposit Insurance Corporation; the Director of the Consumer Financial Protection Bureau; the Comptroller of the Currency; the Chairman of the National Credit Union Administration; and the Chairman of the State Liaison Committee.