Cyber & IT Supervisory Forum - November 2023

Internal Use Only

Inject 1 Threat Monitoring and Internal Reporting Time: 20 minutes Table Discussion: 13 minutes, Summary Report: 7 minutes

11

Internal Use Only

Inject 1: Threat Monitoring and Internal Reporting Monday, 10:00 am, June 6: Law enforcement, CISA, and the Financial Services Information Sharing and Analysis Center (FS-ISAC) are actively tracking a spike in reports from financial institutions indicating increased malicious cyber activity, including one particularly active ransomware strain that appears to be targeting the financial sector (i.e., banks, credit unions, mortgage companies and other nonbank entities). Notifications of this anomalous activity have been disseminated by various credible public and government sources to all members of the financial sector this morning as reports of financial sector victims continue to emerge, including some operating within Acme’s home office footprint.

12