Distributed denial-of-service (DDoS) attacks are sophisticated cyber-attacks where criminals attempt to disrupt a machine or network’s online services by overwhelming it with high-volume traffic. There are several types of DDoS attacks, including:
For credit unions, DDoS attacks are dangerous distractions that hide fraud, aid in the installment of malware and viruses, or open a breach to steal financial assets and member data. In some cases, criminals may seek to cripple a financial institution’s online properties for ransom. For the duration of the attack, online banking portals may be shut down, damaging member trust and the credit union’s reputation.
DDoS attacks on financial institutions have been on the rise for the last several years. The volume of such attacks leveled off in late 2017 but also became increasingly effective at breaching existing defenses. According to Neustar Security, a cybersecurity firm, there was an uptick in successful breaches last year as cyber criminals began targeting vulnerable organizations with multiple assaults.
In addition, as attacks grow in complexity, it is taking longer on average to detect DDoS attacks, with 46 percent of all assaults remaining undetected for roughly three hours after the attack begins. A longer detection time also means a slower response time, and 43 percent of companies say they are not able to respond until at least three hours after an attack has occurred.
To avoid becoming a part of these statistics, credit unions should implement DDoS-specific protocols for cyber-attack prevention, detection and resolution. And because these attacks will continue to evolve, a credit union’s protocols should be evaluated and updated on a regular basis to retain their effectiveness and relevance.