Sophisticated bad actors looking to gain access to a registered investment adviser ("RIA") firm’s sensitive and non-public information may look to target the firm via a ransomware cyber attack. In a ransomware attack, hackers look to access personal or company data, block the individual or company's access to that information, and hold it hostage until a ransom is paid to unlock the data. In other instances, if the bad actor gains access to potentially embarrassing or sensitive information, the hacker will threaten to distribute the information publicly if the ransom is not paid.
Ransomware is a specific type of malware that when installed on a computer or server, encrypts the data preventing the advisory firm from accessing the data without the decryption key. In other ransomware attacks, access to a staff member's entire computer is locked or their computer is prevented from being able to load. Ransomware malware is often circulated via phishing emails and most commonly installed when a staff member downloads a malicious file via an email attachment or web link or by clicking on a link within a phishing email. Once exploited, the user receives a message on the computer screen with instructions on how to pay the ransom to unlock the data. The Federal Bureau of Investigation generally encourages businesses to not pay such ransoms. And even if the ransom is paid, there is no guarantee that the data will be released.