NEW YORK (7/21/14)--Since 2011, more than 250 distributed denial of service attacks have been perpetrated against American banks and credit unions, according to Treasury Secretary Jacob Lew, who spoke at the Delivering Alpha Conference in New York last week. The frequency of such attacks, as well as the personal and economic stakes in keeping information secure, lead many financial institutions to spend as much as $250 million per year to strengthen cybersecurity measures.
"The consequences of cyber incidents are serious. When credit card data is stolen, it disturbs lives and damages consumer confidence. When trade secrets are robbed, it undercuts America's businesses and undermines U.S. competitiveness," Lew said. "Successful attacks on our financial system would compromise market confidence, jeopardize the integrity of data and pose a threat to financial stability."
Lew pointed to attacks on businesses such as Target, Neiman Marcus and Michael's, as well as a recent hack into the Associated Press Twitter account. Hackers falsely tweeted about an attack on the White House, causing the Dow Jones industrial average to fall by more than 100 points within three minutes.
"One back door is all a malicious actor needs to transmit large scale damage. Look at the Target incident. Criminals entered Target's systems by first infiltrating the network of one vendor, a refrigeration services company in Pittsburgh," he said. "Once inside, these intruders reached in-store computer networks, stole credit card information from millions of Americans, and sold that information on the black market."
The U.S. Treasury Department has created an information sharing and analysis unit, the Financial Sector Cyber Intelligence Group, designed to deliver actionable information financial institutions can use to protect themselves. The unit, made up of cyberexperts and security analysis, searches through law enforcement and intelligence reports to find relevant activity and issue information bulletins.
"If you are the leader of a business, you should know how strong your company's defenses are, you should know if there are response plans in place in case a significant security breach occurs, and you should be getting regular reports on cybersecurity threats and what your company is doing to respond to those threats," he said.
Credit Union Magazine featured an article on cybersecurity this month, written by Mike Flouton, vice president of product marketing for SilverSky, a CUNA Strategic Services alliance provider.
The article, titled "Five Cybersecurity Considerations for CUs," lays out several strategies for strengthening cybersecurity while getting the best value for money spent, including:
- Looking for products and tools that cover multiple bases, such as a secure e-mail hosting provider that ensures compliance of any communications coming into or out of the organization;
- Finding a security provider who monitors threats and analyzes security alerts at all times; and
- Collaborating with other business units to ensure best practices are being exercised and members are not being negatively affected by security procedures.
Use the resource link below to see the full article.