Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Hacktivist group calls off cyberattacks, diligence advised
WASHINGTON (1/30/13)--A group of hacktivists allegedly responsible for distributed denial of service (DDoS) attacks against 22 large U.S. banks and at least two credit unions announced Tuesday it is calling off the attacks. However, that doesn't mean all such attacks will stop.

The Credit Union National Association has reached out to and is working with the U.S. Treasury's Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security to ensure credit unions' interests are represented in the federal government's efforts to help deal with any future attacks.

DDoS attacks typically are conducted for political or ideological reasons, according to Mike Saylor, vice president of technology at the Texas Credit Union League. "There are other reasons for conducting DDoS attacks, but these are the most prevalent, and this type of attack will  continue into the foreseeable future," he said in the league's newsletter (LoneStar Leaguer Jan. 29).

The al Qassam Cyber Fighters' message on Pastebin, an Internet message board, said its attacks are suspended because YouTube removed a trailer advertising of an anti-Muslim film, "The Innocence of Muslims."

It said the group "lauds this positive measure of You Tube and on this basis suspends this operation and plans to give a time to Google and U.S. government to remove the other copies of film as well. During the suspension of Operation Ababil, no attack to U.S. banks would take place by al-Qassam cyber fighters" (Bank Info Security Jan. 29).

The DDoS campaign--the group's second campaign within six months--began its eighth week of attacks Monday. Tuesday's message said the victims of its attacks included the $3.8 billion asset Patelco CU, Pleasanton, Calif., whose website was down five hours, and $1.6 billion asset University CU, Austin Texas, whose site was down two hours. The Pastebin post also named a who's who list of 22 big banks, including Bank of America, Wells Fargo & Co., Capital One, Citibank and JPMorgan Chase. The credit unions emphasized that no member data was compromised during the attacks.

Denial of service attacks have been around a while, said Saylor. "The first DDoS was in the 1880s when teenagers brought down our first phone system."  DDoS attacks a target, such as a website or a network, by flooding the targeted systems with large volumes of data until the systems are overwhelmed and cannot process the data fast enough, Saylor said. The system typically shuts down or freezes.

He advised credit unions to "be diligent. If you start to see degradation in your systems, then you must be timely in your response and communication." Here are four steps to take:

  • Preparation. Establish contacts, define procedures, and gather tools to save time during the attack.
  • Analysis: Detect the incident, determine its scope and involve the appropriate parties.
  • Mitigation:  Mitigate the attack's effects on the targeted environment; and
  • Wrap-up: Document the incident's details, discuss lessons learned and adjust plans and defenses.


RSS





print
News Now LiveWire
CUNA: CUNA offices closed through Friday, News Now returns Monday http://t.co/a5xbLzQKDj
13 hours ago
Reminder: @CUNA's Madison, D.C. offices will be closed through Friday, open again on Monday. #NewsNow will publish Monday.
1 Day ago
MI dentist to match @CUDirect's $20K to @HurleyMedical as a result of #20for20 online voting http://t.co/hqmIc9LpK1 @CMNHospitals
1 Day ago
New #creditunion chartered in St. Louis - #LutheranFCU - by @TheNCUA http://t.co/faPfANGS0P. Only 3rd new FCU charter this year.
1 Day ago
Don't get hacked during the holidays-use these tips from @CUNA http://t.co/jEqxni6NhO #StoptheDataBreaches http://t.co/woIxPOIyys
1 Day ago