BSP to banks: Don't pay ransomware attackers
MANILA, Philippines – In the wake of a massive global ransomware attack, the Bangko Sentral ng Pilipinas (BSP) instructed banks and other financial institutions not to pay or communicate with cyber criminals.
Incoming BSP Governor Nestor Espenilla Jr on Tuesday, May 16, issued Memorandum No. 2017-018, laying down guidelines on how BSP-supervised financial institutions (BSFIs) should manage ransomware and other malware attacks.
Espenilla, current BSP deputy governor for supervision and examination, said incidents involving cyber-extortion using ransomware and other types of cybercrimes should be promptly reported to the central bank.
"If infected by ransomware, BSFIs should refrain from paying or communicating with the malicious actor as this does not guarantee that ransomed or encrypted files will be released," he said.
Espenilla pointed out that paying ransom only encourages cyber criminals' illicit activities.
"BSFIs should proactively monitor the cyber-threat environment through robust, timely, and actionable threat intelligence. Additionally, ransomware attacks should be covered by an established and well-tested incident response plan and procedures," he added.
According to him, BSFIs should provide multiple layers of defense by implementing appropriate controls at the host, network, and endpoint levels to prevent and detect malicious code.
He explained banks should apply the "least privilege" principle in granting access to all systems and services as well as prohibit the download and use of unauthorized files and software.
Other preventive measures include the installation and timely update of anti-malware software provided by reputable vendors, periodic vulnerability scanning, and effective patch management procedures for all critical systems and applications.
Espenilla said banks and financial institutions might need to seek assistance and cooperate with law enforcement authorities for prompt resolution of cybercrime cases, especially if these involve public safety and security.
A massive cyberattack last week had affected computer systems in over 100 countries, shutting down networks at hospitals, banks, and government agencies.
Espenilla said that while Philippine institutions were not affected, BSFIs should continuously assess the cyber-threat landscape and adjust their information security programs, policies, processes, and capabilities accordingly.
"None so far. We've previously alerted the system to danger. I am sure defensive initiatives have minimized the risk," Espenilla said.
"[But] with the alarming proliferation of ransomware, BSFIs are at an increased risk of loss or unauthorized disclosure of proprietary or sensitive information, operational disruptions, financial losses incurred to restore affected systems, and reputational damage," he added.
The BSP also said banks should ensure that adequate backup and recovery procedures for critical systems and data are in place to mitigate the potential catastrophic impact of ransomware attacks. – Rappler.com