MADISON, Wis. (5/9/13)--While some websites overseas experienced defacements by hacktivists Tuesday, the 133 U.S. credit unions and banks on an OpUSA list of targets were unaffected--as of early Wednesday afternoon--by distributed denial of service (DDoS) attacks that groups had threatened to unleash "on or about" Tuesday.
However, credit unions--even those not on the list--took precautions to make sure they were prepared and Wednesday they were still monitoring their websites.
One credit union not on the hit list--SRP CU, a $635 million asset credit union based in North Augusta, Ga.--told local media that it shut down its online services for about 24 hours to protect its members' confidential information. It had its information technology department on high alert and used onsite tools as well as a third party to monitor activity (wrdw.com May 7). A member who was interviewed took the inconvenience in stride, noting that protecting members' information was important.
Wright-Patt CU, Fairborn, Ohio--also not on the target list--monitored its online traffic throughout Tuesday for signs of any cyberattack. The credit union prepares for such events regularly and has internal processes to address any issues, Tracy A. Fors, WPCU's vice president of marketing and business development told the Dayton Daily News (May 7).
Twelve credit unions, as well as a handful of government agencies and 121 banks, were among those on the target list posted on PasteBin by the hacker group Anonymous. The credit unions reported no slowdowns but were continuing to monitor traffic on their websites. The Federal Bureau of Investigation--whose site was among the agencies targeted--said the threat alert of possible DDoS attacks would continue into today.
Instead of DDoS attacks in the U.S., what materialized on Tuesday was a series of defacements of what USA Today (May 7) termed as "random government and commercial websites" around the globe. Most of the sites defaced have no connection to the U.S., and were in Europe, South America and China.
Corero Network Security told the publication that it appears that hacktivists focused on smaller websites that have fewer resources and may be more easily compromised. Although there was no significant impact on the financial services industry, even nuisance attacks are costly with companies devoting more technical resources to monitoring suspicious activity.
On Tuesday, Information Week noted that al_Qassam Cyber Fighters, an organization responsible for a number of DDoS attacks disrupting financial websites--including credit unions--for months, had promised to take this week off its own cyberactivities so it wouldn't duplicate the Anonymous efforts.