MADISON, Wis. (2/5/13)--Distributed denial of service (DDoS) attacks that hit 22 banks as well as two credit unions in California and Texas have prompted advice from CUNA Mutual Group on how to prepare for cyber attacks.
Ken Otsuka, risk management senior consultant for CUNA Mutual Group, noted that the scale and speed of the recent attacks were unprecedented. He defines DDoS attacks as attempts to disrupt or suspend online service by saturating the target's network with external communication requests to overload its server.
Although some hacktivists have called off the attacks, other groups use DDoS attacks as smokescreens for diverting funds from consumers' accounts.
Otsuka advised credit unions to take six steps:
- Don't underestimate the threat of cyber attacks. "It's true that most credit unions don't face the same risk as national banks from attacks by high profile cybercriminal groups. But the first thing to understand about cyber attacks is that we can't predict the next type of attack to come along," he said. "Don't bet on behalf of your members that your credit union isn't big enough to be a target."
- Mitigate the risk of service interruptions caused by DDoS. Although credit unions can't prevent such attacks, they can establish a process to identify them. Monitor bandwidth usage, use firewall logs to determine what is under attack, and employ an intrusion detection system to identify the type of traffic.
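As an added illustration of the monitoring step above (this is example code, not part of the CUNA Mutual article and not any vendor's tooling), the following Python reads firewall log lines in a hypothetical one-line-per-connection format, aggregates request volume per second, and flags seconds whose request rate exceeds a multiple of the credit union's normal baseline. The log format, IP addresses, and baseline figure are all constructed for the example; a real deployment would use the firewall's own log schema and a baseline measured from its own traffic.

```python
"""Added example: flag DDoS-style traffic surges in firewall logs.

Assumed (hypothetical) log line format, one connection per line:
    <epoch_seconds> <ALLOW|DENY> <src_ip> -> <dst_ip>:<dst_port> <bytes>
"""
import re
from collections import Counter, defaultdict

LINE_RE = re.compile(r"^(\d+) (ALLOW|DENY) (\S+) -> (\S+):(\d+) (\d+)$")


def parse_line(line):
    """Parse one log line into a dict, or return None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, action, src, dst, port, nbytes = m.groups()
    return {"ts": int(ts), "action": action, "src": src, "dst": dst,
            "port": int(port), "bytes": int(nbytes)}


def per_second_stats(lines):
    """Aggregate requests, bytes, distinct sources and targeted ports per second."""
    stats = defaultdict(lambda: {"requests": 0, "bytes": 0,
                                 "sources": set(), "ports": Counter()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip unparseable lines instead of aborting the whole run
        s = stats[rec["ts"]]
        s["requests"] += 1
        s["bytes"] += rec["bytes"]
        s["sources"].add(rec["src"])
        s["ports"][rec["port"]] += 1
    return stats


def detect_surges(lines, baseline_rps, factor=10):
    """Return one alert per second whose request rate is >= factor * baseline.

    Each alert names the most-hit destination port and the number of distinct
    sources, which is what staff need to tell a flood from a single noisy client.
    """
    alerts = []
    for ts, s in sorted(per_second_stats(lines).items()):
        if s["requests"] >= factor * baseline_rps:
            top_port, _ = s["ports"].most_common(1)[0]
            alerts.append({"ts": ts, "requests": s["requests"], "bytes": s["bytes"],
                           "distinct_sources": len(s["sources"]), "top_port": top_port})
    return alerts


def build_sample_log():
    """Constructed sample: three quiet seconds, then one second of a flood
    from 200 different source addresses, plus one malformed line."""
    lines = []
    for i in range(3):
        for j in range(3):
            lines.append(f"{1360022400 + i} ALLOW 198.51.100.{j + 1} -> 203.0.113.10:443 {600 + j}")
    for k in range(200):
        lines.append(f"1360022403 ALLOW 192.0.2.{k % 250 + 1} -> 203.0.113.10:443 1400")
    lines.append("this line is not in the expected format")
    return lines


if __name__ == "__main__":
    # Baseline of 3 requests/second is a constructed figure for the sample.
    for alert in detect_surges(build_sample_log(), baseline_rps=3):
        print(alert)
```

The threshold is deliberately a simple multiple of a measured baseline; the point is that the comparison runs continuously, so the first second of a flood is visible as an alert rather than discovered later when members start calling.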
- Perform due diligence on third-party service providers. Ensure that third parties such as Internet service providers and Web hosts address website problems caused by the attacks, and that they have a contingency plan for them.
- Be prepared to provide timely and accurate information to members. Have a plan to get the word out. The faster you do so, the better you can control the message and counter any rumors or misconceptions about what is happening. Monitor social media to find out what is said in cyberspace about any interruption to online services. You may need extra staff or third-party help to work the phones and contact local media to make sure members get correct information.
- Check transfers initiated via online banking when an attack occurs. If staff are busy answering calls from members who can't access the website or initiating damage control, they may not notice fraudulent transactions initiated through online banking. When a DDoS occurs, review online banking transactions. If necessary, delay executing the transfers until their legitimacy is verified.
- Have a strong multi-factor authentication method in place for online banking systems. The authentication process should comply with the Federal Financial Institution Examination Council's updated authentication guidance issued in 2011. That guidance expects financial institutions to have a fraud monitoring system that detects anomalies in initial logins and in the authentication of members requesting access to online banking, as well as in fund transfers initiated to other parties.
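To show how the two transaction-related recommendations above (reviewing transfers during an attack, and monitoring for anomalies in logins and transfers) fit together, here is an added Python example; it is not from the article or from CUNA Mutual, and the member history, transfer records, attack window and anomaly rules are all constructed for the illustration. Each transfer is classified as execute, review or hold: anything submitted during the attack window is at least reviewed, and a transfer that also looks anomalous for that member is held until its legitimacy is verified.

```python
"""Added example: triage online-banking transfers during a DDoS window.

Assumptions (constructed for this example, not from any real system):
  * history maps member id -> {"max_amount": float, "payees": set of known payees}
  * a transfer carries a flag saying whether the session came from a device
    never seen before for that member
"""
from dataclasses import dataclass


@dataclass
class Transfer:
    txn_id: str
    ts: int            # epoch seconds when the transfer was submitted
    member: str
    payee: str
    amount: float
    new_device: bool   # login came from a device not previously seen for this member


def anomaly_reasons(t, history):
    """Simple per-member anomaly rules on the transfer and its login context."""
    h = history.get(t.member, {"max_amount": 0.0, "payees": set()})
    reasons = []
    if t.payee not in h["payees"]:
        reasons.append("new payee")
    if h["max_amount"] and t.amount > 3 * h["max_amount"]:
        reasons.append("amount exceeds 3x member's historical maximum")
    if t.new_device:
        reasons.append("unrecognized device")
    return reasons


def review_transfers(transfers, history, attack_start, attack_end):
    """Return txn_id -> (action, reasons).

    execute: outside the attack window and nothing anomalous
    review : submitted during the attack window, or anomalous outside it
    hold   : submitted during the attack window AND anomalous, so it is
             delayed until staff verify it with the member
    """
    decisions = {}
    for t in transfers:
        in_window = attack_start <= t.ts <= attack_end
        reasons = anomaly_reasons(t, history)
        if in_window and reasons:
            action = "hold"
        elif in_window or reasons:
            action = "review"
        else:
            action = "execute"
        decisions[t.txn_id] = (action, reasons)
    return decisions


# Constructed sample data: two members with known payees and typical amounts.
SAMPLE_HISTORY = {
    "M1001": {"max_amount": 500.0, "payees": {"utility-co"}},
    "M1002": {"max_amount": 2000.0, "payees": {"landlord"}},
}

# Constructed attack window from the detection step (epoch seconds).
ATTACK_START, ATTACK_END = 1360022400, 1360022500

SAMPLE_TRANSFERS = [
    Transfer("T1", 1360022300, "M1001", "utility-co", 120.0, False),   # before the attack
    Transfer("T2", 1360022410, "M1001", "unknown-acct", 2500.0, True),  # during, anomalous
    Transfer("T3", 1360022420, "M1002", "landlord", 1500.0, False),     # during, routine
    Transfer("T4", 1360022600, "M1002", "new-payee", 100.0, False),     # after, new payee
]


if __name__ == "__main__":
    for txn, (action, reasons) in review_transfers(
            SAMPLE_TRANSFERS, SAMPLE_HISTORY, ATTACK_START, ATTACK_END).items():
        print(txn, action, "; ".join(reasons))
```

The attack window would come from whatever detection the credit union already runs (bandwidth alerts, firewall or IDS events); the rules here are intentionally plain so the decision logic stays auditable, which matters when staff are working the phones and need to see at a glance why a transfer was delayed.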