Finastra’s Fast And Effective Response To Ransomware Attack

It seems like every week, there is a new report of a company’s systems being hacked. Ransomware hackers, specifically, are sending out attacks at an alarming rate, with a recent report from security firm Emsisoft revealing that ransomware cyberattacks were up 41 percent over last year, with 205,280 companies losing access to hacked files. In addition, firms paid an average of $84,116 in the last quarter of 2019 to get their files back from online criminals, according to data from security firm Coveware.

Unfortunately, the Covid-19 pandemic has only amped hackers’ attacks on vulnerable targets as more people than ever are working from home and IT staffs are preoccupied with getting everyone up and running remotely. One company that was recently impacted was London-based banking software maker Finastra, whose network was infiltrated by hackers in mid-March. The cyber criminals were able to steal employee passwords and installed backdoors in dozens of servers in critical parts of Finastra’s network.

Become a Subscriber

Please purchase a subscription to continue reading this article.

Subscribe Now

Finastra boasts more than 8,500 customers, including 90 of the world’s 100 largest banks. The company’s software and services run everything from banks’ websites to the back-office systems they use to manage their own money. 

It took the company three days to figure out they were under attack. Once the hackers realized they had been discovered, they sent out a strain of a ransomware called Ryuk, which locked up several servers. Finastra’s security team pulled the infected servers, which eventually reached the thousands, offline. 

 “We believe the attack came deliberately whilst we focused on moving the majority of our global workforce, including several thousands of our colleagues in the Americas, to safer work from home processes in light of COVID-19,” Chief Executive Officer Simon Paris said in a statement.

Its security team’s quick response allowed Finastra to identify and isolate potentially infected servers and bring key services back online within days—without having to give in to paying ransom for their lost info. 

In fact, the FBI recommends that companies don’t pay the ransom demanded by hackers during a cyberattack. Instead, they have requested these firms contact the agency for assistance.

 “Paying the ransom,” one source said, “just makes you a bigger target for next time.”