Skip to main content

The Yankee Express

Homefield CU, MNB dig in against ransomware actors

“Linda,” a customer of Millbury National Bank, won a special anniversary coin bank with $195 inside by playing “plinko,” in 2020.

It is indeed a worrisome situation but one that is being addressed vigorously here in the Blackstone Valley.
“We dedicate a significant amount of resources to managing this area and [to keeping] customers’ information and money safe,” John T. Latino Jr., vice president and chief operating officer of Millbury National Bank, said. “Larger banks can be a target because of the quantity of information and accounts they have, but small banks can be just as vulnerable, if not more vulnerable, because of the often false perception that our systems are not as robust as larger banks/companies.”

 Homefield Credit Union is a strong supporter of local organizations, as evidenced by sponsorship money Homefield donated to the Grafton Lions Club in 2017.

Organizations and firms that want to protect themselves had better watch out, for several reasons, Accenture says. For starters, Accenture points out, “the first months of 2021 targeted critical infrastructure and upstream providers, such as data-rich insurance companies.” Even before that, in 2020, one ransomware “negotiator” reported “multiple cases in which data was destroyed rather than just encrypted, preventing data retrieval even after ransom payment.” Then there are the new “exposure tactics” being employed. These have gathered speed, compounding data-leak damage and adding “reputation damage” to “victim liability lists.” Also, ransomware operators are using “tooling and hands-on keyboard actions to disable endpoint defenses.”
Millbury National Bank is working hard to protect itself, and its customers.
“We utilize a third-party company to provide our core data system and we also use their managed IT services,” Mr. Latino said. “They manage our IT infrastructure, network, internet service, intrusion detection and prevention, firewall, email, antivirus, data loss prevention and provide us backups and redundancy to not only protect our data and our customers’ information, but also ensure we can recover quickly from a disaster, outage, or cyberattack.
“They have been successful in identifying several anomalies and potential attacks and provide 24/7/365 monitoring and protection. They are subject to strong regulatory oversight from the same agencies that regulate the bank as well as audits and other controls. We use them to provide the most safe and secure transaction channels for online banking, mobile banking, and item processing. Our customers’ money and data have never been safer.”
Millbury National has an advantage in being “such a small bank with our hands-on processing and knowledge of our customers,” Mr. Latino says. “Our internal controls for transaction monitoring, electronic transactions, ATM/Debit Card control, and wire transfers [are] extremely effective and [have] successfully prevented fraudulent transactions numerous times. We are a partner for our customers and community and try and educate customers whenever we can about the dangers and pitfalls that exist in our technology-driven world today. We also have continuous training for all of our employees to develop the best line of defense—a human firewall. Knowledgeable, informed, attentive employees are the first and best line of defense against cyber risks.
“We have auditors test our systems and controls on an annual basis to ensure everything is working properly and is up to date. Our regulators also require an in-depth assessment of our risk and scrutinize this area closely.
“I am happy to say Millbury National Bank performs well in this area.” 
  Accenture’s recommendation—obviously self-serving to an extent—is that “organizations should focus on preparation, prevention and pre-encryption defenses.”
  Banks and credit unions in the Blackstone Valley are constantly reminding their customers to be on guard against threats of all kinds; recently, for instance, Millbury National Bank posted “four steps to spot an online shopping scam,” on its Facebook page.
-----------------------------------------------------
Contact Rod Lee at [email protected] or 774-232-2999.By Rod Lee
Yes, in case you were wondering, small local banks and credit unions in the Blackstone Valley are just as vulnerable to cybersecurity threats as large oil companies, food distributors and government agencies.
“We are extremely concerned and use all available resources to protect our members,” Karl Moisan, president and CEO of Homefield Credit Union in North Grafton, said on August 3.
Mr. Moisan and others in the industry have every reason to be alarmed.  Recently, Accenture (Accenture.com), “a third-party defender” against ransomware attacks, raised a new red flag. “Ransomware actors” are expanding data-leak extortion and devising new methods to pressure victims, Accenture said. “Response options are becoming more complicated.”