Callahan Clients, please log in for direct access to:
Learn What You're Missing
Upgrade Your Subscription
Thank you for your interest in reading the fantastic content we have on CreditUnions.com! However, the page you are trying to access is for subscribers-only. To learn more, select an option below.
All users must now log in to read, research, browse, and have fun on CreditUnions.com. Yes, we still offer freebies. And, yes, it’s worth the extra effort.
Print or PDF this article today because you won't have access to it later. Or, click here to learn how to get 24/7 access.
By Ongoing Operations
With the NCUA reporting an industry record of $8.5 billion in net income earned in 2012 — an increase of 36% over the previous year — it is not surprising that credit unions are more than a blip on the radar for cybercriminals. Bank of America, PNC, Capital One, M&T Bank, and others have been attacked recently. But now, along with these larger institutions, credit unions like Patelco Credit Union and UFCU have also reported incidents.
The extent of Distributed Denial-of-Service (DDoS) attacks in the credit union industry is unclear. NCUA regulations only require the reporting of incidents that result in potential compromise of member data. Since a successful DDoS attack may disrupt service, it does not in itself impose a threat to member data. However, the question still remains, "Why does there seem to be a shift towards the credit unions among cybercriminals?"
To understand “why,” you first need to know “who.”
Enter the Izz ad-Din al-Qassam Cyber Fighters. This is an organization of cybercriminals with the capacity to launch high volume coordinated attacks against institutions. These attackers are capable of generating up to 75 Gbps of traffic with the objective of taking down a site or service. There has been speculation that Iran or another nation-state has backed the Al-Qassam Cyber Fighters, however this is not proven. Furthermore, they have been instances during investigations where the source of the IPs used by the cybercriminals were from outside of Iran. Al-Qassam claims no alignment to governments or other organizations.
The Al-Qassam Cyber Fighters began Operation Ababil — a multi-phased plan to launch wide spread DDoS attacks on major U.S. financial institutions — in September of 2012.
So why go after banks instead of major websites like Google? While Al-Qassam attacks are sophisticated, the amount of havoc they can create in larger institutions may be limited by the defensive capabilities of these organizations. Google has one of the most powerful DDoS protection systems in the world. They also have the network capacity required to manage an incoming 75 Gbps attack in order to prevent harm. So in order to get the attention Al-Qassam wanted, they needed a smaller target with great visibility – U.S. financial institutions. By continuing to find smaller and more vulnerable targets, this group can create more successful attacks and generate more news to emphasize their demands.
Given their demonstrated success, it is apparent that DDoS attacks – whether from Al-Qassam or from other entities – will likely continue. This will be a persistent threat until detection and protection mechanisms can make all targets uninteresting. A possible way to end the attacks is to end the vulnerability, and this is exactly what the NCUA is attempting to accomplish.
The NCUA issued risk alert 13-Risk-01 in February 2013 to bring a heightened awareness of current DDoS threats to the credit union industry. 13-Risk-01 delivers critical and timely information regarding the growing cyber-terror threat and offers some guidelines to strengthen information security programs. Specifically the alert should draw attention to risk mitigation efforts, threat monitoring and reporting and the policies and procedures that help credit unions guard against DDoS type attacks.
While no specific changes are required as a result of the alert, several key areas for emphasis are noted:
To further strengthen the Information Security Program, recommendations are also made for credit unions to participate in information-sharing organization such as FS-ISAC and US-CERT – both of which provide opportunities for more detailed information on today’s growing cyber threats.
Be part of the solution that will ultimately close the vulnerability gap for you and others by:
Ongoing Operations, as a Risk Assessment Partner for NeighborBench, can help provide services and expertise to make you part of the solution. Contact us today to see how we can help your business thrive in an adverse environment of cyber criminals and hacker collectives.
David Ciofalo has many years of experience in the IT industry and has been an infrastructure and support engineer for 2.5 years with Ongoing Operations.
This sponsored content article is provided to the credit union community for shared insights and knowledge from a recognized solutions provider in the industry. Please note that the views and opinions offered here do not reflect those of Callahan & Associates, and Callahan does not endorse vendors or the solutions they offer.
If you are interested in contributing an article on CreditUnions.com, please contact our Callahan Media team at firstname.lastname@example.org or 1-800-446-7453.
April 29, 2013
No comments have been posted yet. Be the first one.
Submit your email address to receive daily industry updates and web-only features.
P: 800-446-7453 | F: 800-878-4712
1001 Connecticut Ave. NW Suite 1001
Washington, DC 20036