Skip to main content
United States flag An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Ransomware Is a Serious and Growing Threat

Businesses and individuals face a dangerous and growing threat to the safety of their personal information and data in the form of ransomware.

Ransomware is a form of malware that targets critical data and systems for the purpose of extortion. Once active on a victim’s network or computer, the ransomware encrypts and holds critical and sensitive data hostage until payment is made. A countdown clock usually accompanies the ransom demand and the cybercriminal usually requires payment in bitcoin or another anonymous form of payment. After receiving payment, the cybercriminal may provide an avenue for the victim to regain access to the system or data.

According to the U.S. Federal Bureau of Investigation, ransomware victims in the United States have paid more than $209 million in ransom payments in the first three months of 2016, compared with $25 million in all of 2015. The ransom demands vary greatly, but averages about $500 for individuals and $10,000 for businesses.

Ransomware is primarily delivered through spear-phishing emails. In fact, a recent study by the threat-management company PhishMe found that ransomware attacks make up 93 percent of phishing emails.

However, ransomware is also evolving and becoming increasingly more sophisticated. According to the FBI’s Cyber Division, in newly identified instances of ransomware, cybercriminals are bypassing the need for victims to click on a link in an email. Instead, they are seeding legitimate websites with malicious code to take advantage of unpatched software that may be present on a victim’s computers.

Small Financial Institutions Are Especially Vulnerable

The rising threat of ransomware is a particular concern for smaller financial institutions like credit unions. A recent report by Beazley Breach Response notes the rising threat to small banks and credit unions with less than $35 million in annual revenue. They found that 81 percent of hacking and malware breaches at financial institutions in 2016 occurred in these small financial institutions, compared to 54 percent of the incidents reported in 2015. Beazley said its team handled 86 ransomware attacks during the first six months of 2016, versus 43 for all of 2015.

Ways to Prevent Ransomware

Fortunately, there are ways to mitigate the risk ransomware poses to your credit union. The FBI, U.S. Computer Emergency Readiness Team and the Federal Financial Institutions Examination Council have put out guidance and best practices on how to help protect your systems from this growing threat.

Some of the basic defenses against ransomware include:

  • Educating all staff on the risks and how to use email and the web safely;
  • Making sure to regularly back-up critical systems and data;
  • Maintaining up-to-date firewalls and anti-malware systems and protections;
  • Limiting the ability of users or IT systems to write onto servers or other systems;
  • Having a robust patch-management program;
  • Using web- and email-protection systems and software; and
  • Removing any device suspected of being infected from your systems.

Additional Resources

For additional information on ransomware and its growing threat to financial institutions, visit:

Last modified on