New DDoS Warning Issued by Regulator
Second Alert Recommends Defensive Steps
The National Credit Union Administration is the second federal banking regulator to issue an alert about fraud risks linked to distributed denial of service attacks.
In late December, the Office of the Comptroller of the Currency also issued an alert about DDoS activity.
Attorney Joseph Burton, a cybercrime and information security expert and managing partner of law firm Duane Morris LLP, says banking institutions should heed these notices as warnings that DDoS strikes will continue this year.
"In the attacks we're talking about, there have definitely been account transfers," Burton says, adding that banks and credit unions have an obligation and responsibility to address these risks and ensure they have the right types of programs in place.
New DDoS Alert
The NCUA's Feb. 21 alert lists policies and procedures credit unions and other financial institutions should implement to defend themselves against DDoS attacks.
Among the NCUA's recommendations:
- Conduct ongoing assessments to identify risks associated with DDoS attacks;
- Ensure disaster recovery and incident response programs include DDoS attack scenarios that can be tested before, during, and after an attack;
- Perform ongoing due diligence on third-party service providers, especially Internet and Web-hosting providers, to ensure appropriate traffic management policies and controls are in place.
While the NCUA notes that the primary goal of DDoS attacks is to create online disruption rather than fraud, the regulator also notes that DDoS attacks are often used as tools of distraction to veil fraud taking place in the background.
"Credit unions should voluntarily file a Suspicious Activity Report if an attack impacts Internet service delivery, enables fraud, or compromises member information," the alert states. "DDoS attacks may also be paired with attempts to steal member funds or data."
The NCUA also says credit unions should brace for DDoS attacks by following the practices and controls outlined in the Federal Financial Institutions updated authentication guidance, which recommends the implementation of member and employee education programs, multifactor authentication for online transactions, and transaction monitoring and verification procedures.
DDoS: Tool of Distraction
The Office of the Comptroller of the Currency issued its alert late last year to raise awareness, because some attacks had been used to distract attention from attempts by fraudsters to commit account fraud or to steal proprietary information, a spokesman said (see Attacks Put Banks on Alert).
"Because the groups conducting DDoS may shift tactics and targets during an attack, banks should incorporate information sharing with other banks and service providers into their risk mitigation strategies," OCC spokesman Bill Grassano said Dec. 21.
Burton, the attorney, says the OCC's December alert was issued in response to DDoS attacks that targeted California-based Bank of the West at the end of last year. The attacks were used as a means of distraction to take over online accounts and steal funds, he says.
Security blogger Brian Krebs reported Feb. 13 that the attack against Bank of the West resulted in more than $900,000 being drained from one account, and a Christmas Eve DDoS attack distracted bank employees from detecting the takeover.
Follow Tracy Kitten on Twitter: @FraudBlogger