Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
CUNA Warns Of Potential Denial of Service Attack
MADISON, Wis. (4/26/13)--With the increasing prevalence of Distributed Denial of Service (DDoS) cyberattacks, the Credit Union National Association is alerting credit unions to "chatter" that has been detected about a potential widespread attack that could be planned for May 7.

"It is not possible to assess the veracity of the threat at this time, but it is important that credit unions be aware and prepared at all times.  Also, some of the largest credit unions are included in a list of targets for the purported May attack so heightened awareness is warranted," said CUNA Vice President of Information Technology Tom Nohelty Thursday.

DDoS attacks are attempts to disrupt or suspend online service by saturating a target's network with external communication requests to overload its server.

If a credit union is subject to an attack, Nohelty explains, it will see a "very large spike" in Internet traffic to its website from one or more IP addresses and their website will become unresponsive. Proactive measures a credit union can take include:

  • Alerting its network team to actively monitor in-bound Internet traffic that day.  The team should be prepared to block traffic from specific IP addresses in an effort to maintain their website's ability to respond to normal business requests;
  • Consider alerting members about the Internet threat for May 7 and asking members to execute critical online banking business on a different day or come into the credit union office;
  • Educating call center staff on the symptoms of a denial of service attack so they can better serve the members and notify their network teams if an attack is underway.  The call center staff should be prepared with alternatives to serve the members.
The National Credit Union Administration stepped into Washington's cybersecurity discussions earlier this year and identified policies and procedures to guard against DDoS attacks in a new credit union risk alert (13-Risk-01). The alert notes that the sophistication of such attacks require the vigilance of credit unions offering Internet-based financial services. (See resource link to read NCUA tips on mitigating issues presented by DDoS attacks.)

Also of note, the CUNA Technology Council is offering a free May1 webinar entitled, "Mitigating and Responding to a Distributed Denial of Service Attack."  Speakers Bill Podborny, chief security officer of Alliant CU in Chicago, and Glen Roberts, information security researcher of University FCU in Austin, Texas, will lead the session, which is scheduled for 1 p.m. (CT).
Other Resources

NCUA Risk Alert
DDoS Webinar
RSS print
News Now LiveWire
.@SenatorBegich says @TheNCUA risk-based cap. plan attempts 2 solve problem that does not exist, at expense of those served by CUs. Watch NN
39 minutes ago
Target wants stay of discovery in class action suits in data security breach; plaintiffs disagree that it's needed http://t.co/GHqz2S4u5g
58 minutes ago
New HUD Sec'y Julian Castro gets warm send-off from San Antonio's @alamofcu MT Thanks for all the hard work. http://t.co/peb8x4GSRq
1 hours ago
.@CUANYtweets initiates call to action to Gov. Cuomo to sign state-chartered #creditunion FOM bill
1 hours ago
.@MountainAmerica #creditunion CEO helps TV audience understand credit scores #NewsNow http://t.co/makbsIIdzn
1 hours ago