U.S. Banks Brace For Retaliatory Ransomware Attacks From Russia

cropped cropped cropped Icon 32x32 1

Major U.S. banks are expecting retaliatory ransomware attacks following the imposition of tough sanctions on Russia for invading Ukraine, cyber specialists and executives say.

Tensions between Russia and the West worsened Saturday as the US and its allies attempted to block some Russian banks from the SWIFT international payment system and imposed restrictions on the Russian central bank’s foreign holdings.

SWIFT (Society for Worldwide Interbank Financial Telecommunication) is the global financial network that enables the seamless and quick movement of money across international borders.

SWIFT processes more than 40 million communications every day, facilitating the exchange of trillions of dollars between businesses and governments.

Related Article | Russia Said SWIFT Ban Could Be Tantamount To A Declaration Of War

The Belgium-headquartered processing system connects 11,000 major lenders and financial institutions in more than 200 countries.

Over 1% of those communications are believed to include payments coming from Russia.

Russia Could Get Even Using Ransomware Attacks

For weeks, Western countries have warned that deepening frictions could result in catastrophic ransomware attacks by Russia or its supporters.

According to several executives, the recent SWIFT restriction may have been the catalyst.

Global banks, which are already prime targets for cyber attacks during peacetime, are beefing up network monitoring, conducting drills for hacking scenarios, deep-scanning their networks for threats, and staffing up in case hostile activity spikes, cyber security experts said.

They are preparing for a variety of risks, including ransomware assaults from Russia.

Ransomware can block a user from accessing a device or its files until the attacker receives a ransom payment, which is most typically made in Bitcoin.

VOlpDV1K

Total crypto market cap at $1.657 trillion in the daily chart | Source: TradingView.com

$265 Billion Lost By 2031 To Cyber Attacks

For law enforcement, security professionals, and governments, ransomware has grown to be one of the most prevalent cybercrime threats in the last few years.

When a ransomware attacker demands payment in Bitcoin or other type of cryptocurrency, he or she will broadcast a crypto address to which the victim must send money.

According to Cybersecurity Ventures, ransomware attacks will cost victims more than $265 billion in US dollars yearly by 2031, with a new attack occurring every two seconds as ransomware criminals refine their malware payloads and associated extortion arsenal.

The US Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) estimated ransomware losses at nearly $30 million last year, with the agency receiving 2,474 formal complaints about ransomware for 2021 alone.

US Banks Mum On Cybersecurity Strategies

The top banks in the United States, including JPMorgan Chase, Citigroup, Bank of America, Wells Fargo, Morgan Stanley, and Goldman Sachs Group, either did not respond to requests for comment or declined to share their cybersecurity strategies.

According to Teresa Walsh, global head of intelligence at the Financial Services Information Sharing and Analysis Center, US banks have been brainstorming risk scenarios based on previous Russian hacking efforts.

Related Article | Russian Politicians’ Crypto Wallets Targeted By Ukraine – Hefty Reward Up For Grabs

Russia has already used cyberattacks to destabilize Ukraine. In 2017, Russia-linked hackers launched the so-called NotPetya cyberattack, which targeted not just Ukrainian companies but also those in Europe and the United States.

Because of ransomware’s documented effectiveness, it may be used to gain an advantage during trade negotiations or political tensions, with nation-states either engaging geographically distant third parties to ensure plausible deniability or making no effort to conceal their involvement.

While ransomware creators will continue to change the architecture of their destructive code, it is conceivable that over the next 10 years, ransomware will evolve into an entirely new function as a cyber weapon deployed in a constantly shifting geopolitical atmosphere.

Featured image from Threatpost, chart from TradingView.com