MARY LOU MONTGOMERY
For the Courier-Post
The number one concern of banking regulators is no longer a robber walking in through the bank’s front door and demanding money. Instead, it is cybersecurity.
Cybersecurity is security efforts that are applied to computers, computer networks, computer users, and the data stored and transmitted.
Levon Mathews, president and CEO, and Carl Watson, CFO at Hannibal’s F&M Bank and Trust Company, recently attended the latest bank regulators’ meeting, garnering information regarding the full thrust of the raging threats against the financial industry. The head of security with the Secret Service was the key speaker.
Cybercriminals are not after the banks’ money as much as they are after personal information of our customers. “Their target is you, our customer. This stuff is going on every second of the day.” Mathews said. “You don’t know what’s happening to you behind the scenes.”
“We are on the front edge of fighting the threat,” Mathews said. “We are working with the Secret Service and the FBI. We are taking a proactive response to cyber- security by leveraging every resource available. The intent is to protect the bank, its customers, its employees, and the community from cybercrime,” Mathews said.
F&M Bank and Trust Company is actively working with the National Cybersecurity and Communications Integration Center (NCCIC) and the United States Computer Emergency Readiness Team (US-CERT) to identify and respond to data breaches. In addition, the bank is a new member of the Financial Services Information Sharing Analytical Center (FS-ISAC). “This is an information sharing tool that allow agencies – including F&M Bank - to blast out to everyone” when suspicious activity is detected. Additionally, F&M continues to work with the American Bankers Association as well.
By working with the Secret Service and the FBI, “We are doing everything humanly possible to stay on top of the changing industry,” Mathews said. “We have layers and layers of defenses in place,” Watson said.
“We receive emails multiple times a day with information about vulnerabilities in the software programs we use,” Watson said. “The alert emails notify us of vulnerabilities and when patches are available to be installed. James Cernea (Digital PC Solutions) takes the patches and rolls them out to our banks’ servers and PCs. Every day new vulnerabilities are surfacing.”
Carl Watson offers actions that consumers can take to protect themselves. “Think before you click. If an e-mail looks suspicious or if you don’t recognize the sender, don’t open it. A link or attachment in an email can be a “phishing” attempt to get malware or a virus onto your computer.”
“They want to get malware onto your computer, which allows them to replicate your keystrokes and gain access to your passwords. It’s the information they’re after,” Watson said. He noted some best practices……….change your passwords frequently, don’t use the same passwords over and over, and don’t use the same password for every site.
When you receive notification of an upgrade, instead of clicking on the “upgrade now”, go to the actual web-site of the program being updated to do the update. Don’t click on an upgrade just because it says, “upgrade now.”
Don’t assume you are safe just because you have a Mac instead of a PC. “Macs have vulnerabilities too,” James Cernea said. “The notion is that Apples products don’t get viruses. They are susceptible to various types of malware/viruses as well.”
“Malware tries to take information,” Cernea added. “It will hijack your home page and search engines, then everything you search for may be redirected to a malicious site.”
Another potential cyber threat is cryptoware. “They will encrypt your data so you can’t use it unless you pay for the encryption key,” Watson said. “They may want the ransom to be paid in bitcoins since they are difficult to trace” Cernea said.
“If you have antivirus and antimalware programs on your computer, it may help stop the cryptoware before it encrypts your data,” Cernea said.
Watson likens the black market that exists for buying and selling personal data to a mega-store sales site. “The bad guys are shopping for ID’s and others are actively selling stolen information.”
Cernea said it is known as the “Dark Web.”
Again, F&M Bank and Trust Co. is using all resources available to protect the bank, its customers, its employees, and the community from cybercrime.