MADISON, Wis. (4/26/13)--With the increasing prevalence of Distributed Denial of Service (DDoS) cyberattacks, the Credit Union National Association is alerting credit unions to "chatter" that has been detected about a potential widespread attack that could be planned for May 7.
"It is not possible to assess the veracity of the threat at this time, but it is important that credit unions be aware and prepared at all times. Also, some of the largest credit unions are included in a list of targets for the purported May attack so heightened awareness is warranted," said CUNA Vice President of Information Technology Tom Nohelty Thursday.
DDoS attacks are attempts to disrupt or suspend online service by saturating a target's network with external communication requests to overload its server.
If a credit union is subject to an attack, Nohelty explains, it will see a "very large spike" in Internet traffic to its website from one or more IP addresses and their website will become unresponsive. Proactive measures a credit union can take include:
The National Credit Union Administration stepped into Washington's cybersecurity discussions earlier this year and identified policies and procedures to guard against DDoS attacks in a new credit union risk alert (13-Risk-01). The alert notes that the sophistication of such attacks require the vigilance of credit unions offering Internet-based financial services. (See resource link to read NCUA tips on mitigating issues presented by DDoS attacks.)
Also of note, the CUNA Technology Council is offering a free May1 webinar entitled, "Mitigating and Responding to a Distributed Denial of Service Attack." Speakers Bill Podborny, chief security officer of Alliant CU in Chicago, and Glen Roberts, information security researcher of University FCU in Austin, Texas, will lead the session, which is scheduled for 1 p.m. (CT).