FS-ISAC Monitoring Ransomware Attack; No Financial Sector Impacts Yet Reported

Screen seen by WannaCry ransomware victims after their files are encrypted.

A massive ransomware cyber attack spread around the world on Friday, affecting more than 230,000 computers in about 150 countries, according to news reports over the weekend. Users of infected computers received a message that their files had been encrypted and that they should pay a ransom in bitcoin in order to decrypt their files.

Through its membership in the Financial Services Information Sharing and Analysis Center, the American Bankers Association is closely monitoring the attack. As of Sunday, there were no known effects on the U.S. financial services sector. Friday’s attack — alternately dubbed “WannaCry,” “WannaCrypt” or “Wanna Decryptor” — exploits known vulnerabilities for which patches are available. Institutions and individuals that had not recently updated their software or who were running unsupported versions of software were vulnerable.

ABA encourages all banks to become FS-ISAC members to receive the latest updates on cyber threats to the financial industry. ABA has also produced several resources to help banks and their customers — in particular business clients — understand ransomware and respond should they become victims of an attack. For more information, contact ABA’s Doug Johnson.