Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
NEW: NCUA Provides CUs With Cybersecurity Guidance
ALEXANDRIA, Va. (UPDATED: 1 p.m. ET, 2/20/13)--The National Credit Union Administration has stepped into Washington's cybersecurity discussion, identifying appropriate policies and procedures to guard against distributed denial-of-service (DDoS) attacks in a new credit union risk alert (13-Risk-01).

"The increasing frequency of cyber-terror attacks on depository institutions heightens the need for credit unions to maintain strong information security protocols," the notice said.

DDoS attacks are attempts to disrupt or suspend online service by saturating the target's network with external communication requests to overload its server. The NCUA letter noted that such attacks are sophisticated, requiring the vigilance of credit unions offering Internet-based financial services. "As the goal of DDoS attacks is causing service outages rather than stealing funds or data, typical network security controls--such as firewalls and intrusion detection and prevention systems--may offer inadequate protection," the risk alert said.

To mitigate the issues presented by DDoS attacks, the NCUA suggested that credit unions:

  • Perform risk assessments to identify risks associated with DDoS attacks;
  • Ensure incident response programs include a DDoS attack scenario during testing and address activities before, during, and after an attack; and
  • Perform ongoing third-party due diligence, in particular on Internet and web-hosting service providers, to identify risks and implement appropriate traffic management policies and controls.
The agency also noted that DDoS attacks may also be paired with attempts to steal member funds or data. The letter suggested that credit unions voluntarily file Suspicious Activity Reports if DDoS attacks impact Internet service delivery, enable fraud, or compromise member information.

For the full NCUA risk alert, use the resource link.
RSS





print
News Now LiveWire
Watching #SuperBowlXLIX this Sunday? Look for regional #creditunion #commercials @CltMetroCU @BECU @golden1cu #Seahawks #Patriots
22 hours ago
Philadelphia's American Bakery Workers FCU liquidated by @TheNCUA; @trumarkonline assumes shares
22 hours ago
More branch shutterings by @Citi: 4th-largest bank to close 10% of #Chicago area branches HT @CrainsChicago http://t.co/2vAvgucLY5
23 hours ago
56% struggle with subprime credit scores says @cfed survey HT @washingtonpost http://t.co/RHmMvuhNtw
1 day ago
How to use social media for crisis communications Feb. 10 webinar from @SBAgov, @AgilityRecovery http://t.co/d16t8RHr7n
1 day ago