Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
CUNA Warns Of Potential Denial of Service Attack
MADISON, Wis. (4/26/13)--With the increasing prevalence of Distributed Denial of Service (DDoS) cyberattacks, the Credit Union National Association is alerting credit unions to "chatter" that has been detected about a potential widespread attack that could be planned for May 7.

"It is not possible to assess the veracity of the threat at this time, but it is important that credit unions be aware and prepared at all times.  Also, some of the largest credit unions are included in a list of targets for the purported May attack so heightened awareness is warranted," said CUNA Vice President of Information Technology Tom Nohelty Thursday.

DDoS attacks are attempts to disrupt or suspend online service by saturating a target's network with external communication requests to overload its server.

If a credit union is subject to an attack, Nohelty explains, it will see a "very large spike" in Internet traffic to its website from one or more IP addresses and their website will become unresponsive. Proactive measures a credit union can take include:

  • Alerting its network team to actively monitor in-bound Internet traffic that day.  The team should be prepared to block traffic from specific IP addresses in an effort to maintain their website's ability to respond to normal business requests;
  • Consider alerting members about the Internet threat for May 7 and asking members to execute critical online banking business on a different day or come into the credit union office;
  • Educating call center staff on the symptoms of a denial of service attack so they can better serve the members and notify their network teams if an attack is underway.  The call center staff should be prepared with alternatives to serve the members.
The National Credit Union Administration stepped into Washington's cybersecurity discussions earlier this year and identified policies and procedures to guard against DDoS attacks in a new credit union risk alert (13-Risk-01). The alert notes that the sophistication of such attacks require the vigilance of credit unions offering Internet-based financial services. (See resource link to read NCUA tips on mitigating issues presented by DDoS attacks.)

Also of note, the CUNA Technology Council is offering a free May1 webinar entitled, "Mitigating and Responding to a Distributed Denial of Service Attack."  Speakers Bill Podborny, chief security officer of Alliant CU in Chicago, and Glen Roberts, information security researcher of University FCU in Austin, Texas, will lead the session, which is scheduled for 1 p.m. (CT).
Other Resources

NCUA Risk Alert
DDoS Webinar
RSS





print
News Now LiveWire
Maine credit unions put Food Mobile on the road to relieving hunger in rural areas http://t.co/R0xpt6BAZE
9 hours ago
.@TheNCUA's Matz: PALS should be exempt from Military Lending Act proposal #NewsNow http://t.co/Vy9uNhOIEr
9 hours ago
#NewsNow Iowa loan growth 3 times national bank rate http://t.co/fUvudPLg5d
12 hours ago
.@ICBA tallies its Home Depot data breach costs: $90M, 7.5M cards http://t.co/iJgRDC2AKZ
13 hours ago
.@icul's Jury elected treasurer of @WOCCU exec committee http://t.co/HEF1UChN8f
14 hours ago