The following article has been written by Gregory Berks, SVP and Director of Operational Risk, Vendor Management & Information Security.
Middlesex Savings Bank has been closely following the developing crisis in Ukraine, including the associated cyber incidents.
On February 24, 2022, Russia launched a military incursion into Ukraine and security researchers are currently investigating reports of denial of service and wiper attacks impacting Ukrainian government entities and financial institutions. Additional disruptive attacks on Ukrainian entities in support of ongoing Russian military operations are likely, and there is also potential for reprisal cyberattacks in response to Western economic sanctions. The reprisal attacks may be conducted by Russian government-sponsored threat groups, but more likely will originate from independent threat actors with a pro-Russia agenda.
Computer security incident response teams around the world, including the U.S. Cybersecurity Infrastructure Security Agency (CISA), the UK National Cyber Security Centre (NCSC), and the European Union Agency for Cybersecurity (ENISA), published joint guidance on best practices to help organizations raise their cyber resilience.
As a part of Middlesex Savings Bank’s threat intelligence program, we collect and analyze threat data from all major sources and utilize this information to fortify our security posture.
In addition, we continue to assess emerging risks and remain ready to take swift action to prevent adverse impact to our operations and customers.
Middlesex Savings Bank has been closely following the developing crisis in Ukraine, including the associated cyber incidents.
On February 24, 2022, Russia launched a military incursion into Ukraine and security researchers are currently investigating reports of denial of service and wiper attacks impacting Ukrainian government entities and financial institutions. Additional disruptive attacks on Ukrainian entities in support of ongoing Russian military operations are likely, and there is also potential for reprisal cyberattacks in response to Western economic sanctions. The reprisal attacks may be conducted by Russian government-sponsored threat groups, but more likely will originate from independent threat actors with a pro-Russia agenda.
Computer security incident response teams around the world, including the U.S. Cybersecurity Infrastructure Security Agency (CISA), the UK National Cyber Security Centre (NCSC), and the European Union Agency for Cybersecurity (ENISA), published joint guidance on best practices to help organizations raise their cyber resilience.
As a part of Middlesex Savings Bank’s threat intelligence program, we collect and analyze threat data from all major sources and utilize this information to fortify our security posture.
Our security and technology teams have preventative, detective, and corrective security controls in place including, but not limited to, the following:
- Preventative network controls to block malicious inbound and outbound traffic
- Advanced endpoint detection and response tools for detecting advanced threats
- Automated ingestion of intelligence artifacts
- Active 24/7 monitoring and response to potential security events or threats
- Incident response plans and teams
In addition, we continue to assess emerging risks and remain ready to take swift action to prevent adverse impact to our operations and customers.