WASHINGTON (2/5/13)--The Obama administration is developing an executive order that will give the U.S. Department of Homeland Security (DHS) and the Department of Commerce increased authority to address distributed denial of service (DDoS) attacks and other cybersecurity issues.
"The executive order will not address financial institutions specifically, but credit unions will want to watch out because the order will have an impact on the financial institution sector," Credit Union National Association Deputy General Counsel Mary Dunn said. The administration has reached out to the National Credit Union Administration as it works to finalize the executive order, she noted.
CUNA has met with the U.S. Treasury's Financial Services Sector Coordinating Council (FSSCC) for Critical Infrastructure Protection and DHS to ensure credit unions' interests are represented in the federal government's efforts to help deal with any future attacks. The FSSCC was formed to prepare for such issues, and the financial services sector is more prepared than most to deal with cybersecurity issues as a result of Y2K preparations, Dunn noted.
CUNA continues to work with credit unions, the FSSCC, BITS and other entities on cybersecurity issues.
At least two credit unions have been victims of recent DDoS attacks. The attacks took down the websites of $3.8 billion asset Patelco CU, Pleasanton, Calif., and $1.6 billion asset University CU, Austin Texas, for hours. The credit unions emphasized that no member data was compromised during the attacks.
Bank of America, Wells Fargo & Co., Capital One, Citibank and JPMorgan Chase are among the larger institutions that were subject to similar attacks by the same group, Izz ad-Din Al Qassam. The group last week said it suspended the attacks after YouTube removed a trailer advertising an anti-Muslim film, "The Innocence of Muslims."
Credit unions have been advised to monitor and be vigilant on their cyber security and risk management systems to cope with DDoS attacks and other cybersecurity threats. Financial institutions should also follow federal financial regulations on Internet and data security, as well as Federal Financial Institution Examination Council (FFIEC) guidance on Internet authentication methods, risk assessment, and customer verification.
For more information about cyber security, please visit the CUNA members-only website.