Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

Washington
New White Paper Assesses DDoS Risk To CUs
WASHINGTON (5/7/13)--Over the past eight months, a buzz has grown around news of Islamic hacktivist groups targeting U.S. banks with powerful distributed denial of service (DDoS) attacks. Against this backdrop, writes Chief Technology Officer Kevin Prince of CompuShare in a just-released white paper, credit unions and community banks have to ask themselves: How concerned should we be?

Compushare, a technology management provider for the financial services industry, is CUNA Strategic Services' newest alliance provider. Its new white paper, "DDoS Attacks: How Real Are The Risks For Community Financial Institutions," is available to Credit Union National Association members via the trade group's website (see resource link).

A DDoS attack involves using an army of hijacked computers to overwhelm a site with so many requests for attention that it's unable to respond to legitimate requests and thus becomes unavailable. It has become a popular method to make a political or ideological point in which the target is some kind of symbol.

Prince notes that since September, U.S. financial institutions have been under coordinated and timed DDoS attacks: "In total, 50 U.S. financial institutions have been targeted in over 200 separate DDoS attacks with varying effects."

Prince writes that credit unions should understand that, to date, there have been no attacks towards smaller financial institutions: "The attackers are targeting top tier financial institutions." While there is currently nothing to suggest that smaller financial institutions will become a target anytime soon, this could change at any time, warns Prince.

He explains in the white paper that there is little a financial institution can do on its firewall, routers, or intrusion detection and prevention system to stop a DDoS attack.

"To be handled effectively it must be addressed 'upstream' at the ISP or by the third-party hosting provider of your Internet-based services such as online banking (perhaps hosted by your core processor).

"While every community financial institution should have controls like antivirus and patch management in place, you should be reaching out to your Internet Service Providers and Internet banking providers to determine their degree of readiness and response plan in case the DDoS threat should hit close to home," writes Prince.

Overall, the white paper details how a DDoS attack is launched and executed, discusses how to assess risk, and also talks about protecting systems and data.
Other Resources

CompuShare DDoS White Paer
RSS





print
News Now LiveWire
Which Children's Miracle Network Hospital is the winner of @CUDirect's 20 for 20 grand prize? Find out Tuesday.
3 hours ago
Gas prices have fallen for a record 88 days in a row says @AAAnews via @washingtonpost http://t.co/c52VTdqHEB
5 hours ago
.@TheNCUA releases regulatory modernization initiative results (PDF link) http://t.co/pgLZe4aget
6 hours ago
#FinCEN seeks nominations of FIs, trade groups for membership on Bank Secrecy Act advisory group http://t.co/l5w58c277W
7 hours ago
MI pediatric dentist pledges $20K match to Hurley Children's Hospital if it wins @CUDirect's 20 for 20 http://t.co/Eq2nIPm6jo
7 hours ago