MADISON, Wis. (5/8/13)--A dozen large credit unions on a hackers' hit list targeted for possible distributed denial of service (DDoS) attacks Tuesday got through most of the day without incident as of press time. An alert distributed by the Federal Bureau of Investigation Tuesday morning, however, indicated potential attacks could still exist until Thursday.
The 12 credit unions were among more than 133 financial institutions and nine government agencies, including the FBI and the White House, listed as targets on Pastebin by the hacker group OpUSA. The group had indicated that the cyber campaign would launch "on or about May 7."
Because of time zone differences between the U.S. and the countries where participating hacker groups may reside, the FBI said it expected most "significant" attack activity to occur during late afternoon or early evening EDT. However, it also warned that the groups might operate during late evening to early morning EDT, when U.S. organizations might be perceived as not have technology personnel available.
A DDoS attack involves using botnets of hijacked computers to overwhelm a website with so many requests that it can't respond to legitimate requests and stalls.
News Now checked in with credit unions on the list Tuesday and also logged into their websites and saw no evidence of a slowdown.
"So far, normal operations," said Jim Blaine, president of State Employees' CU in Raleigh, N.C., at around 3 p.m. ET. "We continue to monitor it closely," he added.
That sentiment was echoed by a number of the credit unions on the list, including BECU, Tukwila, Wash., and The Golden 1 CU, Sacramento, Calif. All are monitoring for developments.
"Everything looks good at this point," Patti Barrow, vice president of marketing at Suncoast Schools FCU in Tampa, Fla., told News Now.
Nicole Cypers, public relations and social media manager at American First CU, Riverdale, Utah, and Todd Camp, marketing communication analyst at American Airlines FCU, Fort Worth, Texas, reported no evidence of DDoS attacks.
Others on the target list included Alliant CU, Chicago; San Diego (Calif.) County CU; Security Service FCU, San Antonio; SchoolsFirst FCU, Santa Ana, Calif.; Navy FCU, Vienna, Va.; and Pentagon FCU, Alexandria, Va. Their websites were working as usual on Tuesday afternoon.
The Credit Union National Association and several leagues alerted credit unions last week about the hacker campaign.
Even states that do not have credit unions on the public target list are warning the public of the potential attacks. "We are taking it very serious," said Patrick Harris, director of media and public relations at the Ohio Credit Union League. The league and the Ohio Bankers League sent out their first joint widespread consumer notice warning of the coordinated online attack (Dayton Daily News May 7). Credit unions not on the list were monitoring their sites as well.