A ransomware attack on a credit union in Dublin, California, has disrupted online banking services for more than 500,000 members. Erin Mendez, President and CEO of Patelco Credit Union, said the banking systems could be down for days or even weeks.
The attack, which began on July 1, hasn’t shut down the credit union’s entire operation. Checks and cash deposits, ATM withdrawals, in-branch loan payments, and certain ACH transactions remain available to members.
However, the incident highlights the continuing threat of ransomware attacks, which have been particularly hard on credit unions. Last December, more than 60 credit unions nationwide were the victims of a ransomware attack.
“Financial institutions share with every other commercial and governmental enterprise a common vulnerability that leaves them susceptible to ransomware attacks—people,” said Kevin Libby, Analyst of Fraud and Security at Javelin Strategy & Research.
“Employees are often the vulnerability through which criminals successfully infiltrate organizations and get their ransomware past security gateways,” he said. “In the Patelco case, a phishing email was the attack vector of choice. This underscores the importance of training employees to identify and protect against common attack vectors including social engineering and phishing.”
A Costly Choice
The average extortion demand per ransomware attack was over $5.2 million in the first half of 2024, according to data from Comparitech. But even that figure understates the potential damage. Earlier this year, Change Healthcare paid $22 million to the hacker group ALPHV/BlackCat following a ransomware attack. With all the disruption in its billing practices, Change Healthcare may have lost roughly $872 million from the attack.
“In simplest terms, ransomware is a persistent problem because it has proven profitable,” said Libby. “So long as criminals receive payment to release control of seized critical infrastructure, they will continue to perpetrate these crimes.”
There is some good news. Comparitech reported 421 confirmed ransomware attacks in the first half of the year, compared to 704 recorded incidents in the same period of 2023.
Additionally, fewer victims are responding to hacker demands. The percentage of ransomware victims who paid ransom demands dropped to 29% in Q4 2023, according to data from Coveware. The report found that the average ransom payment decreased by 33% from the previous quarter, to $568,705.