3 Ways Credit Unions Can Prepare for a Cyber Extortion

  • Share:
technology

Distributed denial-of-service (DDoS) is a form of cyberattack where criminals attempt to disrupt a machine or network’s online services by overwhelming it with high-volume traffic. For credit unions, this means preventing members from conducting legitimate online transactions and creating a customer service debacle.

Credit unions should develop internal protocols as well as work with existing third-party technology vendors to proactively defend against and recover from cyber security threats, like DDoS attacks. Here are three steps that can help any financial institution prepare for a possible DDoS attack.

1. Create a recovery plan

As with many other cybersecurity threats, the first step many organizations take in protecting themselves against DDoS attacks is having a disaster response and recovery plan in place. This includes an inventory of technical competencies as well as a step-by-step outline of retaining business continuity in the event of a successful attack. A recovery plan is comprised of three basic parts: risk analysis, strategy and recovery timeline.

Risk analysis

It is important to inventory the number of internet-dependent processes and services a credit union has. Where and what can fraudsters target? How would the network handle a DDoS attack if one happened right now? What options are available for response if an attack occurs?

Financial institutions may investigate partnering with a cybersecurity vendor for a detailed environment scan to search for weak spots and points where the network can be attacked, as well as a list of threats by priority. Common shortcomings include risk from backdoor access — either created intentionally or through malware — and threats that target third-party vendor services.

Strategy

This part of the recovery document will outline a process for the credit union to follow in case of a DDoS attack. It is important to lay out beforehand each employee’s role while responding to an incursion. A DDoS attack may affect many other parts of a credit union besides just the technology team. If a financial institution’s website and banking portal are down, marketing and communications should be agile enough to inform members as soon as the attack is detected. Customer service agents must be on hand to take any questions that members may have.

Recovery timeline

Credit unions need a response timeline in place before an attack occurs to establish what actions to take from the second a DDoS attack is detected. This timeline changes depending on what kind of DDoS mitigation tactics an organization deploys, but there will always be three phases: detection, response and recovery. Detection and response can either be handled by internal IT personnel or third-party mitigation services. Recovery, however, requires an all-hands-on-deck approach.

When an attack is over, and the network is available for use again, it may be unwise to allow members to connect all at once, further straining servers. Instead, consider a strategy that would slowly stagger the number of members using your services at any one time until things are back to normal.

2. Shore up mitigation

Banks and credit unions are favorite targets for cybercriminals and for DDoS attacks in particular. So it’s not news that cybersecurity is a priority budget item. According to Neustar, a technology company specializing in digital defence, more than 80 percent of companies are investing in greater DDoS mitigation. Their top motivation for doing so is preserving customer confidence and brand reputation, preventing ransomware and strengthening existing protection.

3. Ensure basic security needs are met

DDoS attacks are launched from networks of compromised computers and machines commonly referred to as a botnet. These “zombie” computers have been breached with malware, usually completely unknown to their owners, and can be directed by cybercriminals to participate in DDoS attacks or other illegal activities. Before organizations seek out preventative measures that deal directly with DDoS, they should ensure their basic security needs are met and their machines are protected.

  • Share:


« Return to "Trends"
TrendScan logo
<< Back to Articles

Latest Trends

  1. The Member Service Experience
  2. Become a Tax Resource for Members
  3. What Is a DDoS Attack and Why Should Credit Unions Be Concerned?
  4. Should You Still Be Concerned about ADA Website Compliance?
  5. Anticipating Change with a Succession Plan
  6. Don't Get Snagged on ADA Compliance Requirements
  7. The Performance Management Conundrum: Structure vs. Creativity
  8. Experience Company Growth and Discovery with Employee-Driven Communication
  9. The Planning Process - Improved
  10. Building a Website with the User in Mind
  11. Content Marketing: Well Worth the Effort
  12. Your Social Media Accounts Deserve Quality Content
  13. Are You Ready to Adopt a Continuous Performance Management System?
  14. Continuous Performance Management is Disrupting HR
  15. What Credit Unions Should Do with Ambiguous ADA Standards
  16. The Website Audit Your Credit Union Needs
  17. 5 Things Credit Unions Can Learn from Cyber Attacks
  18. Optimizing Websites for Voice: What You Need to Know
  19. The Importance of Creating Quality Content
  20. 3 Succession Plans Your Credit Union Needs
  21. 7 Tax Changes Your Members Need to Know About
  22. Whatís Hot in Performance Management Technology
  23. Are You Properly Rewarding Your CEO?
  24. Americansí Lack of Financial Literacy Is an Opportunity for Credit Unions
  25. Why HR Should Take Advantage of Employee Self Service
  26. Credit Unions Could Replace Predatory Lenders
  27. 3 Website Design Trends for 2019
  28. The Quest for a One-Stop Shop Financial App
  29. Is Your Executive Compensation Still Appealing?
  30. 3 Ways Credit Unions Can Prepare for a Cyber Extortion
  31. Consumer Appetites in Mobile Innovation
  32. Build Up Membership Through Supportive Savings Programs
  33. Wanted: Apps for Clarification and Simplification
  34. Consumer Attitudes Toward Digital Advertising
  35. The Credit Union Advantage for the Digital Customer
  36. Popular DDoS Mitigation Methods in 2019
  37. People Analytics: Bringing HR and Data Together
  38. Volunteer and Young Board Members Need Development
  39. Prioritizing the Credit Union Employee Experience
  40. Shifts and Trends to Know About in E-Learning
  41. The Win-Win Results of Prize-Linked Savings for Credit Unions and Members
  42. What the C-Suite Wants out of Social Media
  43. 3 Key Factors for Creating Good Content
  44. 4 Steps to Increased Social Media ROI
  45. Credit Union Compensation: Philosophy or Strategy?
  46. Is Your CMS the Right Fit?
  47. How Useful Are Member Personas for Credit Union Marketing Teams?
  48. A Simple Way to Unify Your Marketing Efforts
  49. How Credit Unions Can Formalize the Branding Process
  50. Keeping Up with Digital Lending Convenience
  51. Making Sure You Have the Right Leaders in the Right Seats
  52. Selling Payments and Wealth Management Services
  53. How Credit Unions Can Embrace Storytelling in Marketing
  54. Learning Management Systems: What Credit Unions Should Consider
  55. How to Identify What You Want in an ESS
  56. How to Generate Content with Fewer Resources
  57. Empowering Employees and HR with the Latest Technology
  58. 2 Big FinTech Goals for Credit Unions
  59. Credit Unions Can Complete with Shadow Banks
  60. Are Your Landing Pages up to Snuff?
  61. The Dream Team for Successful Online Customer Interactions
  62. Do You Know Why Payday Loans Are Used so Much?
  63. Are You Missing Out on the Power of Video?
  64. If Your Site Isn't Mobile Optimized, You're Losing Out
  65. Protect Your Credit Union with a Website Accessibility Response Plan
  66. What Borrowers Wished Credit Unions Knew
  67. Caution: Customers Don't Always Ask for What They Want
  68. 5 Guideposts to Measure Your Brand Promise Against
  69. 6 Factors for Choosing the Right ESS System
  70. 3 Factors Impacting Credit Union Compensation Plans
  71. Leveraging Social Media for Member Engagement
  72. Don't Underestimate the Power of Financial Education
  73. Underestimate the Onboarding Process at Your Peril
  74. Finding the Best Platform for HR Technology
  75. 3 Brand Promises Credit Unions Can Learn From
  76. The Role of HR and Hiring Managers in the Candidate Experience
  77. Why You Should Invest in an Applicant Tracking System
  78. Don't Undervalue Your Brand Promise
  79. Content, Tools, and Channels to Capture Consumer Attention
  80. The Best Compliance Training with New Topics You Will Need
  81. Just How Distracted Are Consumers?
  82. Preparing a Transparency Communication Plan
  83. Preparing for Compensation Transparency

Related Trends

  1. Credit Unions Could Replace Predatory Lenders
  2. 5 Things Credit Unions Can Learn from Cyber Attacks
  3. Do You Know Why Payday Loans Are Used so Much?
  4. What Borrowers Wished Credit Unions Knew
  5. Should You Still Be Concerned about ADA Website Compliance?
  6. Don't Get Snagged on ADA Compliance Requirements
  7. Consumer Appetites in Mobile Innovation
  8. The Quest for a One-Stop Shop Financial App
  9. Wanted: Apps for Clarification and Simplification
  10. What Credit Unions Should Do with Ambiguous ADA Standards
  11. What Is a DDoS Attack and Why Should Credit Unions Be Concerned?
  12. Building a Website with the User in Mind
  13. 3 Ways Credit Unions Can Prepare for a Cyber Extortion
  14. 3 Website Design Trends for 2019
  15. The Credit Union Advantage for the Digital Customer
  16. Optimizing Websites for Voice: What You Need to Know
  17. Is Your CMS the Right Fit?
  18. 2 Big FinTech Goals for Credit Unions
  19. Caution: Customers Don't Always Ask for What They Want
  20. The Website Audit Your Credit Union Needs
  21. Keeping Up with Digital Lending Convenience
  22. Protect Your Credit Union with a Website Accessibility Response Plan
  23. Credit Unions Can Complete with Shadow Banks
  24. Popular DDoS Mitigation Methods in 2019

Industry insights
to your inbox!

Subscribe