fintech ransomware prevention tool
Technology

Secret Service, state regulators release fintech ransomware prevention tool

The R-SAT is a series of tests focused on helping financial technology firms and payments companies improve their ability to outwit hackers

While ransomware attacks regularly cripple companies ranging from local hospitals to electronics giant Foxconn, financial firms are a particular concern. 

Big banks have big IT departments to protect them from multi-million-dollar bitcoin payment-outs, but smaller, non-bank financial institutions like fintechs, payments companies, and money transmitters are more vulnerable. 

Seeing as that list includes plenty of blockchain companies, and that ransomware gets bitcoin tarred with the reputation as a tool of criminals, it’s something the cryptocurrency industry needs to take seriously.

That vulnerability is why the U.S. Secret Service has teamed up with the Conference of State Bank Supervisors (CSBS) and the Bankers Electronic Crimes Task Force to create the Ransomware Self-Assessment Tool (R-SAT).

The tool is being promoted as a ready-to-use way for the leaders of nonbank financial institutions, and their outside security consultants and auditors, to test how ready they really are for an attack by ransomware hackers and mitigate risks associated with the threat of ransomware and identify gaps that require increased security.

The creators stressed that timely completion of the assessment, as well as periodic re-assessments, will provide a good overview of the company’s preparedness. R-SAT is a series of 11 sets of questions, focused on what these nonbank financial institutions are doing to counter ransomware risks.

“Ransomware attacks can have a devasting impact on any company,” said Kevin Hagler, the CSBS chairman and commissioner of banking and finance for Georgia. “State regulators want to ensure nonbank institutions, including fintech and payments companies, money transmitters and mortgage companies, are doing everything they can to be prepared to identify ransomware incidents, and should an attack occur, respond and recover quickly.”

The good news—depending on how strongly you feel about privacy—is that the ability of law enforcement and blockchain intelligence companies to trace illicit bitcoin transactions is growing. Which has led law enforcement agencies to try and get out ahead of any potential move by criminals and hackers to move from bitcoin to privacy coins like Monero.

 You May Also Like

Ted Knutson is a veteran Washington financial reporter. Knutson does not own any cryptocurrencies.