CYBER-ATTACK WARNINGS HEIGHTENED
updated 04/30/13 10:07 AM
California CU Shares Perspective
Some credit unions within the industry—especially the larger ones—are preparing for what information-technology leaders are predicting might happen on May 7: A widespread cyber-attack that could knock out several credit unions' internet and mobile service to members.
Warnings about that specific date regarding possible cyber-attacks, known as Distribute Denial of Service (DDoS) attacks, have been issued by the Credit Union National Association (CUNA). The attacks are aimed at disrupting or suspending online service by saturating a target's network with external communication requests to overload its server.
One California credit union has already experienced such an attack. Patelco CU suffered its own DDoS incident in January and February, where the credit union's members couldn't gain access online to their accounts on two separate occasions.
Patelco learned it was one of the first credit unions among several financial institutions nationwide to become a target of DDoS attacks originating from somewhere in Iran, as evidenced by news reports at the time. No loss of data or theft occurred in either attack, and mobile services were unaffected. Still, the credit union takes the threat extremely seriously.
The hackers “may be looking for other vulnerabilities within the credit union,” said Anthony Vitale during an interview with CU Weekly earlier this year when he held the position of vice president of information technology for Patelco. He has since transitioned to an outside opportunity. “This requires a credit union to take an honest internal look at where there may be vulnerabilities. The bar truly has been raised with these attacks.”
Federal officials reportedly expect the wave of DDoS attacks to continue.
If a credit union is subject to an attack, it will notice a large spike in Internet traffic to its website from one or more IP addresses, and the website will become unresponsive. Proactive measures a credit union can take include: