This Ransomware Self-Assessment Tool (R-SAT) was developed to assist your institution in assessing and mitigating this risk. The R-SAT is essentially a questionnaire that walks you through key measures to protect your bank and to communicate and discuss with your Board the measures you have taken. The R-SAT was developed by the national task force of community bank CEOs in partnership with state bank regulators and the U.S. Secret Service.
- Superintendent letter regarding R-SAT
- Ransomware Preparedness Document
- Ransomware Self-Assessment Tool (R-SAT)
The Treasury Department, together with a group of U.S. intelligence and regulatory agencies, has jointly released an interagency technical guidance document on how institutions can manage ransomware threats. The document aggregates existing Federal government and private industry best practices and mitigation strategies focused on the prevention of and response to ransomware incidents. It outlines recommended preventive measures to protect against ransomware threats and recommended response measures if infected with ransomware.
In the event of a ransomware attack, it is recommended that you perform the following steps:
- Contact your local FBI office
  - Des Moines: 515-223-4278
  - Cedar Rapids: 319-366-2461
  - Quad Cities: 309-764-9559
  - For after-hours events, there is a 24-hour FBI hotline based in Omaha: 402-493-8688
- Report to the FBI Internet Crime Complaint Center
  - The FBI also requests that you report cyber incidents to the FBI Internet Crime Complaint Center (www.ic3.gov). That website has a complaint form that the FBI asks you to complete.
- Contact the Secret Service
  - It is also suggested that you contact the Secret Service at 515-284-4565, as they may be of assistance in some cases.
The Iowa Division of Banking, as a member of the Conference of State Bank Supervisors (CSBS), along with the United States Secret Service and the Financial Services-Information Sharing and Analysis Center (FS-ISAC), has developed Best Practices for a strong risk-management program to reduce the risks of corporate account takeover (CATO). Corporate account takeover is a form of identity theft where cyber-thieves gain control of a business's bank account, often by stealing user passwords. Once this information is obtained, thieves can then initiate fraudulent wire and ACH transactions. Recently, there has been a significant increase in the number of cyber-attacks against financial institutions and their customers nationwide, including in Iowa.
Documents (PDFs) distributed by the IDOB pertaining to CATO.
More information on corporate account takeovers, including the best practices document, is available on the CSBS CATO web page.