3 Ways Credit Unions Can Prepare for a Cyber Extortion

  • Share:
technology

Distributed denial-of-service (DDoS) is a form of cyberattack where criminals attempt to disrupt a machine or network’s online services by overwhelming it with high-volume traffic. For credit unions, this means preventing members from conducting legitimate online transactions and creating a customer service debacle.

Credit unions should develop internal protocols as well as work with existing third-party technology vendors to proactively defend against and recover from cyber security threats, like DDoS attacks. Here are three steps that can help any financial institution prepare for a possible DDoS attack.

1. Create a recovery plan

As with many other cybersecurity threats, the first step many organizations take in protecting themselves against DDoS attacks is having a disaster response and recovery plan in place. This includes an inventory of technical competencies as well as a step-by-step outline of retaining business continuity in the event of a successful attack. A recovery plan is comprised of three basic parts: risk analysis, strategy and recovery timeline.

Risk analysis

It is important to inventory the number of internet-dependent processes and services a credit union has. Where and what can fraudsters target? How would the network handle a DDoS attack if one happened right now? What options are available for response if an attack occurs?

Financial institutions may investigate partnering with a cybersecurity vendor for a detailed environment scan to search for weak spots and points where the network can be attacked, as well as a list of threats by priority. Common shortcomings include risk from backdoor access — either created intentionally or through malware — and threats that target third-party vendor services.

Strategy

This part of the recovery document will outline a process for the credit union to follow in case of a DDoS attack. It is important to lay out beforehand each employee’s role while responding to an incursion. A DDoS attack may affect many other parts of a credit union besides just the technology team. If a financial institution’s website and banking portal are down, marketing and communications should be agile enough to inform members as soon as the attack is detected. Customer service agents must be on hand to take any questions that members may have.

Recovery timeline

Credit unions need a response timeline in place before an attack occurs to establish what actions to take from the second a DDoS attack is detected. This timeline changes depending on what kind of DDoS mitigation tactics an organization deploys, but there will always be three phases: detection, response and recovery. Detection and response can either be handled by internal IT personnel or third-party mitigation services. Recovery, however, requires an all-hands-on-deck approach.

When an attack is over, and the network is available for use again, it may be unwise to allow members to connect all at once, further straining servers. Instead, consider a strategy that would slowly stagger the number of members using your services at any one time until things are back to normal.

2. Shore up mitigation

Banks and credit unions are favorite targets for cybercriminals and for DDoS attacks in particular. So it’s not news that cybersecurity is a priority budget item. According to Neustar, a technology company specializing in digital defence, more than 80 percent of companies are investing in greater DDoS mitigation. Their top motivation for doing so is preserving customer confidence and brand reputation, preventing ransomware and strengthening existing protection.

3. Ensure basic security needs are met

DDoS attacks are launched from networks of compromised computers and machines commonly referred to as a botnet. These “zombie” computers have been breached with malware, usually completely unknown to their owners, and can be directed by cybercriminals to participate in DDoS attacks or other illegal activities. Before organizations seek out preventative measures that deal directly with DDoS, they should ensure their basic security needs are met and their machines are protected.

  • Share:


« Return to "Trends"
TrendScan logo
<< Back to Articles

Latest Trends

  1. What Is a DDoS Attack and Why Should Credit Unions Be Concerned?
  2. Become a Tax Resource for Members
  3. Anticipating Change with a Succession Plan
  4. The Website Audit Your Credit Union Needs
  5. Building a Website with the User in Mind
  6. Don't Get Snagged on ADA Compliance Requirements
  7. 5 Things Credit Unions Can Learn from Cyber Attacks
  8. Content Marketing: Well Worth the Effort
  9. Optimizing Websites for Voice: What You Need to Know
  10. Are You Ready to Adopt a Continuous Performance Management System?
  11. The Importance of Creating Quality Content
  12. Should You Still Be Concerned about ADA Website Compliance?
  13. Popular DDoS Mitigation Methods in 2019
  14. 3 Succession Plans Your Credit Union Needs
  15. What the C-Suite Wants out of Social Media
  16. Why HR Should Take Advantage of Employee Self Service
  17. Is Your CMS the Right Fit?
  18. Your Social Media Accounts Deserve Quality Content
  19. Whatís Hot in Performance Management Technology
  20. Experience Company Growth and Discovery with Employee-Driven Communication
  21. A Simple Way to Unify Your Marketing Efforts
  22. 3 Ways Credit Unions Can Prepare for a Cyber Extortion
  23. Keeping Up with Digital Lending Convenience
  24. 3 Website Design Trends for 2019
  25. Making Sure You Have the Right Leaders in the Right Seats
  26. The Credit Union Advantage for the Digital Customer
  27. Shifts and Trends to Know About in E-Learning
  28. 4 Steps to Increased Social Media ROI
  29. How Credit Unions Can Formalize the Branding Process
  30. 3 Key Factors for Creating Good Content
  31. How Useful Are Member Personas for Credit Union Marketing Teams?
  32. How to Generate Content with Fewer Resources
  33. What Credit Unions Should Do with Ambiguous ADA Standards
  34. 2 Big FinTech Goals for Credit Unions
  35. Empowering Employees and HR with the Latest Technology
  36. Learning Management Systems: What Credit Unions Should Consider
  37. If Your Site Isn't Mobile Optimized, You're Losing Out
  38. The Dream Team for Successful Online Customer Interactions
  39. The Performance Management Conundrum: Structure vs. Creativity
  40. Is Your Executive Compensation Still Appealing?
  41. 3 Factors Impacting Credit Union Compensation Plans
  42. Are You Missing Out on the Power of Video?
  43. Continuous Performance Management is Disrupting HR
  44. 7 Tax Changes Your Members Need to Know About
  45. Protect Your Credit Union with a Website Accessibility Response Plan
  46. Credit Unions Can Complete with Shadow Banks
  47. Are Your Landing Pages up to Snuff?
  48. 5 Guideposts to Measure Your Brand Promise Against
  49. People Analytics: Bringing HR and Data Together
  50. The Quest for a One-Stop Shop Financial App
  51. How Credit Unions Can Embrace Storytelling in Marketing
  52. Americansí Lack of Financial Literacy Is an Opportunity for Credit Unions
  53. How to Identify What You Want in an ESS
  54. Prioritizing the Credit Union Employee Experience
  55. Caution: Customers Don't Always Ask for What They Want
  56. Wanted: Apps for Clarification and Simplification
  57. 3 Brand Promises Credit Unions Can Learn From
  58. Don't Underestimate the Power of Financial Education
  59. Leveraging Social Media for Member Engagement
  60. Finding the Best Platform for HR Technology
  61. The Role of HR and Hiring Managers in the Candidate Experience
  62. Credit Union Compensation: Philosophy or Strategy?
  63. Don't Undervalue Your Brand Promise
  64. 6 Factors for Choosing the Right ESS System
  65. Underestimate the Onboarding Process at Your Peril
  66. Why You Should Invest in an Applicant Tracking System
  67. Consumer Appetites in Mobile Innovation
  68. The Win-Win Results of Prize-Linked Savings for Credit Unions and Members
  69. Build Up Membership Through Supportive Savings Programs

Related Trends

  1. Should You Still Be Concerned about ADA Website Compliance?
  2. Don't Get Snagged on ADA Compliance Requirements
  3. Consumer Appetites in Mobile Innovation
  4. The Quest for a One-Stop Shop Financial App
  5. Wanted: Apps for Clarification and Simplification
  6. What Credit Unions Should Do with Ambiguous ADA Standards
  7. What Is a DDoS Attack and Why Should Credit Unions Be Concerned?
  8. Building a Website with the User in Mind
  9. 3 Ways Credit Unions Can Prepare for a Cyber Extortion
  10. 3 Website Design Trends for 2019
  11. The Credit Union Advantage for the Digital Customer
  12. Optimizing Websites for Voice: What You Need to Know
  13. Is Your CMS the Right Fit?
  14. 2 Big FinTech Goals for Credit Unions
  15. Caution: Customers Don't Always Ask for What They Want
  16. The Website Audit Your Credit Union Needs
  17. Keeping Up with Digital Lending Convenience
  18. Protect Your Credit Union with a Website Accessibility Response Plan
  19. Credit Unions Can Complete with Shadow Banks
  20. Popular DDoS Mitigation Methods in 2019
  21. 5 Things Credit Unions Can Learn from Cyber Attacks

Industry insights
to your inbox!

Subscribe