(please click ad for more information)

Current News

Relevant Information—For You, By You

CYBER-ATTACK WARNINGS HEIGHTENED
updated 04/30/13 10:07 AM
California CU Shares Perspective
Some credit unions within the industry—especially the larger ones—are preparing for what information-technology leaders are predicting might happen on May 7: A widespread cyber-attack that could knock out several credit unions' internet and mobile service to members.

Warnings about that specific date regarding possible cyber-attacks, known as Distribute Denial of Service (DDoS) attacks, have been issued by the Credit Union National Association (CUNA). The attacks are aimed at disrupting or suspending online service by saturating a target's network with external communication requests to overload its server.

One California credit union has already experienced such an attack. Patelco CU suffered its own DDoS incident in January and February, where the credit union's members couldn't gain access online to their accounts on two separate occasions.

Patelco learned it was one of the first credit unions among several financial institutions nationwide to become a target of DDoS attacks originating from somewhere in Iran, as evidenced by news reports at the time. No loss of data or theft occurred in either attack, and mobile services were unaffected. Still, the credit union takes the threat extremely seriously.

The hackers “may be looking for other vulnerabilities within the credit union,” said Anthony Vitale during an interview with CU Weekly earlier this year when he held the position of vice president of information technology for Patelco. He has since transitioned to an outside opportunity. “This requires a credit union to take an honest internal look at where there may be vulnerabilities. The bar truly has been raised with these attacks.”

Federal officials reportedly expect the wave of DDoS attacks to continue.

If a credit union is subject to an attack, it will notice a large spike in Internet traffic to its website from one or more IP addresses, and the website will become unresponsive. Proactive measures a credit union can take include:

  • Alerting its network team to actively monitor in-bound Internet traffic that day. The team should be prepared to block traffic from specific IP addresses in an effort to maintain their website's ability to respond to normal business requests.
  • Consider alerting members about the Internet threat for May 7 and asking members to execute critical online banking business on a different day or come into the credit union office.
  • Educating call center staff on the symptoms of a denial of service attack so they can better serve the members and notify their network teams if an attack is underway. The call center staff should be prepared with alternatives to serve the members.

 
print   email   share   share   share

CHAPTER FORUM, RECEPTION ENGAGES CUs updated 10/27/14 06:55 PM
Networking and Awards after 'REACH'
Credit union chapter members from across California and Nevada gathered Oct. 23 at the JW Marriott (L.A. Live) in downtown Los Angeles to attend the 2014 Chapter Forum, which offered a full day of valuable networking and educational sessions for attendees who were eager to share individual stories about the work their chapters are accomplishing.

NEEN JAMES CHALLENGES CUs AT 'REACH' updated 10/27/14 04:17 PM
'Time is the New Currency'
By Wednesday afternoon, nearly 700 credit union CEOs, professionals, industry vendors, and guests had attended REACH 2014, the California and Nevada Credit Union Leagues’ Annual Meeting and Convention from Oct. 20-22 at the JW Marriott (L.A. LIVE) in downtown Los Angeles.

CFPB, FTC HOST DEBT COLLECTION FORUM updated 10/27/14 03:31 PM
Latino Consumers Discussed
The Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB) recently hosted an all-day forum on “Debt Collection and the Latino Community,” which brought together consumer advocates, industry professionals, and regulators to discuss how debt collection issues affect Latino consumers, especially those with limited English proficiency (LEP).

FinCEN: QUARTERLY UPDATE ON 'SARs' updated 10/27/14 03:09 PM
Also, Mortgage Service Transfer Guidance
The Financial Crimes Enforcement Network (FinCEN) has issued its SAR Stats quarterly update, which provides information on Suspicious Activity Reports (SARs) filed through Sept. 30, 2014.