(please click ad for more information)

Current News

Relevant Information—For You, By You

CYBER-ATTACK WARNINGS HEIGHTENED
updated 04/30/13 10:07 AM
California CU Shares Perspective
Some credit unions within the industry—especially the larger ones—are preparing for what information-technology leaders are predicting might happen on May 7: A widespread cyber-attack that could knock out several credit unions' internet and mobile service to members.

Warnings about that specific date regarding possible cyber-attacks, known as Distribute Denial of Service (DDoS) attacks, have been issued by the Credit Union National Association (CUNA). The attacks are aimed at disrupting or suspending online service by saturating a target's network with external communication requests to overload its server.

One California credit union has already experienced such an attack. Patelco CU suffered its own DDoS incident in January and February, where the credit union's members couldn't gain access online to their accounts on two separate occasions.

Patelco learned it was one of the first credit unions among several financial institutions nationwide to become a target of DDoS attacks originating from somewhere in Iran, as evidenced by news reports at the time. No loss of data or theft occurred in either attack, and mobile services were unaffected. Still, the credit union takes the threat extremely seriously.

The hackers “may be looking for other vulnerabilities within the credit union,” said Anthony Vitale during an interview with CU Weekly earlier this year when he held the position of vice president of information technology for Patelco. He has since transitioned to an outside opportunity. “This requires a credit union to take an honest internal look at where there may be vulnerabilities. The bar truly has been raised with these attacks.”

Federal officials reportedly expect the wave of DDoS attacks to continue.

If a credit union is subject to an attack, it will notice a large spike in Internet traffic to its website from one or more IP addresses, and the website will become unresponsive. Proactive measures a credit union can take include:

  • Alerting its network team to actively monitor in-bound Internet traffic that day. The team should be prepared to block traffic from specific IP addresses in an effort to maintain their website's ability to respond to normal business requests.
  • Consider alerting members about the Internet threat for May 7 and asking members to execute critical online banking business on a different day or come into the credit union office.
  • Educating call center staff on the symptoms of a denial of service attack so they can better serve the members and notify their network teams if an attack is underway. The call center staff should be prepared with alternatives to serve the members.

 
print   email   share   share   share

EXPERTS GIVE ADVICE TO CREDIT UNIONS updated 09/18/14 11:26 AM
Your Problem: Solved
Risk-based pricing (compliance), creating an operational plan (strategic planning), and making a solid value proposition (marketing) are all highlighted within the latest “Problem? Solved!” column in Credit Union Digest.

GOV. BROWN SIGNS AB 2293 INTO LAW updated 09/18/14 05:06 PM
Relieves CUs of Collateral Burden
California Gov. Jerry Brown signed legislation today mandating baseline insurance requirements for Transportation Network Companies (TNCs)—a move that will help credit unions burdened by a significant reduction in collateral value when accidents occur to these companies’ drivers.

SEPTEMBER: NAT'L PREPAREDNESS MONTH updated 09/17/14 09:13 AM
CO-OP Reminds CUs to Be Ready
The magnitude 6.1 earthquake that struck Napa, CA on Aug. 24 serves as a reminder for vigilant disaster preparedness, as members depend on their credit unions more than ever in times of emergency.

ARTICLES CALL ON LAWMAKERS TO ACT updated 09/15/14 02:07 PM
Data Breaches in Focus
Various opinion articles defending the credit union movement’s stance on data breaches were published in five regional and community newspapers across California and Nevada within the past week as the latest data theft incident at national retailer Home Depot continues to be critiqued in the media spotlight.