Imagine this scene: you arrive at the office to find everything is essentially on lockdown. Your computer network and customer data files are inaccessible. Email is offline. The lights, landline phones, WiFi and heating, ventilation and air-conditioning (HVAC) system are not working. Even if you could reach your customers and business partners, you cannot begin to guess when you will be up and running again, or whether their personal or corporate information has been hacked.

As ransomware attacks increase, more financial services providers are living this nightmare – and paying the price of lost business, reputational damage and, in some cases at least, seven-figure ransom payments.

Hackers, often working for criminal organisations, have shut down city governments, banks, school districts and medical centres, by breaking into their computer systems to shut them down until the victim gives in to their extortion demands. The financial services sector has proven particularly vulnerable – more than 25 percent of all malware attacks have hit banks and other financial firms, more than any other industry, according to cyber security provider IntSights.

Because the effects of these assaults are apparent to so many, they often become public quickly. This complicates matters greatly for the targeted financial institution (FI) (or any targeted organisation). Not only must it work with law enforcement and cyber specialists to assess the incident and figure out how to get everything back to normal as soon as possible, the organisation must maintain control over internal and external messaging in a frightening, chaotic and intensely dynamic situation. How the victim handles communications will affect trust in the institution and its public image in the weeks, months and even years ahead.

Oct-Dec 2019 Issue