NBT Bank Logo
NBT Bank - Please Upgrade Your Browser.

It appears that the version of Internet Explorer you are using to view this site is no longer supported by our enhanced website. At NBT Bank we value your security and strive to deliver the highest quality online experience. To ensure the best and most secure performance we recommend upgrading to the latest version of Internet Explorer, Mozilla Firefox or Google Chrome.

Please visit Microsoft.com, Google.com, or Mozilla.org to download the current version(s).

To directly access an account login page please use the links below:
NBT Online Banker | eStatements | NBT Wealth Connection | NBT 401(k) Daily Services | NBT Remote Deposit | LPL Account View Online

If you have any questions or need any assistance please contact Customer Service at 1-800-NBT-BANK.


Increase in Ransomware Attacks

Security Vulnerability Description:

The Federal Bureau of Investigation (FBI), Cybersecurity & Infrastructure Security Agency (CISA), and Health and Human Services (HHS) have released information detailing the rise of ransomware attacks. Common ransomware attacks have continuously been updated to become more effective.

These ransomware attacks have increased “the ease, speed, and profitability of victimization.” The FBI has found that ransomware attacks have increased for all industries. However, there is an even more dramatic increase in hospitals and the healthcare provider industry.

Risk Mitigation:

Network Best Practices

  • Patch operating systems, software, and firmware as soon as manufacturers release updates.
  • Check configurations for every operating system version for HPH organization-owned assets to prevent issues from arising that local users are unable to fix due to having local administration disabled
  • Regularly change passwords to network systems and accounts and avoid reusing passwords for different accounts.
  • Use multi-factor authentication where possible.
  • Disable unused remote access/Remote Desktop Protocol (RDP) ports and monitor remote access/RDP logs.
  • Implement application and remote access to only allow systems to execute programs known ang permitted by the established security policy.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
  • Audit logs to ensure new accounts are legitimate.
  • Scan for open or listening ports and mediate those that are not needed.
  • Identify critical assets such as patient database servers, medical records, and telehealth and telework infrastructure; create backups of these systems and house that backups offline from the network.
  • Implement network segmentation. Sensitive data should not reside on the same server and network segment as the email environment.
  • Set antivirus and anti-malware solutions to automatically update; conduct regular scams.
  • Regularly backup all files offline.

Plans and Policies

It is recommended all businesses have an updated incident response plan in place to help ensure that the proper steps are taken if your company falls victim to a cyber-attack. Additionally, you can maintain an incident response retainer with a reliable cyber security company.

Ransomware Best Practices

The CISA, FBI and HHS does not recommend paying ransoms. Payment does not guarantee files will be recovered. It may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities.

User Awareness Best Practices

It is important to continue to perform social engineering testing and training. Employees are the weakest link in terms of cyber security. It takes one person to click on a malicious link and download ransomware to your organization. Through continuous social engineering testing and training, the risk of human vulnerability can be reduced.

Fraud Alert Icon.

Fraud Alert Archive.

Please visit our Fraud Alert Archive to stay up to date on common ways that cyber criminals try to defraud businesses.

Learn More

This link will take you from NBT Bank's website to a third-party location that is not controlled by NBT Bank. Please note that this new site may have a different policy on privacy, cookies, data collection and other user issues. NBT Bank does not monitor content on third-party websites and does not endorse and is not responsible for the content, guarantees, privacy policy, security, and products and services that are offered or expressed on them.

Are you sure you want to continue?

Yes No
X