By John Hock, CPA, CISA, CITP – Senior Manager, IT Advisory and Security Group

It’s easy to see why cybersecurity is one of the most critical issues businesses face today. All you need to do is look at the Internet or turn on the TV to learn about the latest data breaches and other cyber attacks. And it’s no surprise the financial institution industry is among those most affected by these attacks.

Get to Know the Threats

Recognizing the problem and determining what to do about it, of course, are different things — and many bank and credit union executives aren’t sure where to start. A good first step is to become familiar with some of the most common cyber threats. Then you can conduct a risk assessment to identify and quantify your institution’s specific vulnerabilities and develop a plan for addressing these threats.

Here are five of the most common cyber attacks used against credit unions and banks:

  1. Malware. These malicious software programs or codes are introduced into the institution’s system via email attachments, removable media (such as flash drives) or downloads from phony websites. Not only can malware compromise the confidentiality and integrity of sensitive customer data — it also can destroy data or disrupt your systems. Techniques for avoiding malware include training employees to recognize potential problems, requiring email attachments to be scanned, placing restrictions on the use of removable media and ensuring that systems are updated with the latest security patches.
  2. Phishing and Business Email Fraud. Phishing involves attackers who create and send seemingly legitimate emails to institution personnel or customers/members to trick them into revealing login credentials or other sensitive information or to transfer funds. An increasingly common technique is to impersonate a client’s CEO or other executive and to instruct an employee to wire funds to the attacker’s account. These attacks can be minimized through training and additional controls, such as requiring confirmation of wire transfer details by phone.
  3. Ransomware. This is a form of malware that encrypts files in your system and demands a ransom in exchange for the encryption key that unlocks them. In addition to general safeguards against malware, financial institutions can mitigate the impact of ransomware attacks by developing robust business continuity plans and incident response plans.
  4. Denial of Service. In a distributed denial-of-service (DDoS) attack, the attacker uses bots or other tools to flood the institution’s servers with Internet traffic, slowing or shutting down traffic from legitimate users. DDoS attacks may be politically motivated — or they may be used as a diversion to conceal another type of attack. To mitigate the risk, financial institutions should monitor website traffic, develop strong incident response plans and consider using third-party service providers to manage Internet traffic.
  5. Watering hole. In this technique, which has been used to target financial institutions in recent years, an attacker identifies less secure websites visited regularly by employees, such as a vendor’s website — or even a shopping or online food delivery service. The attacker then infects that site with malware. The hope is that an employee’s computer will become infected, thus compromising the institution’s systems. Techniques for defending against these attacks include monitoring website traffic, inspecting sites visited by employees for malware (and blocking infected sites), keeping systems up to date and ensuring employees use current, properly configured browsers.
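Item 4 recommends monitoring website traffic, but does not say what a monitor actually looks for. The script below is an added example written for this article, not code from the author or from Doeren Mayhew. It reads web server access-log lines in the common log format and applies two sliding-window checks: a per-source check that catches one address hammering the site, and an aggregate check that catches a distributed flood in which no single address looks unusual on its own. The log lines, addresses (RFC 5737 documentation ranges), timestamps and thresholds are all constructed for the demonstration; real thresholds have to be tuned against the institution’s own baseline traffic.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common log format: ip ident user [timestamp] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)$'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (source_ip, epoch_seconds) for a well-formed line, else None."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT).timestamp()
    return m.group("ip"), ts


def detect_floods(lines, window_s=10, per_source_limit=20, aggregate_limit=60):
    """Flag sources and time windows whose request rate exceeds the limits.

    Returns {"noisy_sources": {ip: first_time_flagged},
             "flood_start": time the aggregate limit was first crossed or None}.
    Thresholds are illustrative assumptions, not recommended values.
    """
    events = sorted((e for e in map(parse_line, lines) if e), key=lambda e: e[1])
    per_source = defaultdict(deque)   # recent request times per source address
    recent = deque()                  # recent request times across all sources
    noisy = {}
    flood_start = None
    for ip, t in events:
        q = per_source[ip]
        q.append(t)
        while q[0] < t - window_s:    # drop requests older than the window
            q.popleft()
        if len(q) >= per_source_limit and ip not in noisy:
            noisy[ip] = t
        recent.append(t)
        while recent[0] < t - window_s:
            recent.popleft()
        if flood_start is None and len(recent) >= aggregate_limit:
            flood_start = t
    return {"noisy_sources": noisy, "flood_start": flood_start}


# Constructed sample traffic (not a real log): a base of normal customer
# requests, one single-source burst, and one distributed burst.
BASE = datetime(2019, 10, 10, 13, 55, 0, tzinfo=timezone.utc)


def make_sample_log():
    def line(ip, offset, path):
        ts = (BASE + timedelta(seconds=offset)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512'

    lines = []
    # Three legitimate users, one request each every 5 seconds for a minute.
    for offset in range(0, 60, 5):
        for ip in ("198.51.100.10", "198.51.100.11", "198.51.100.12"):
            lines.append(line(ip, offset, "/online-banking"))
    # One address sending 10 requests per second for 4 seconds.
    for offset in range(20, 24):
        lines.extend(line("203.0.113.7", offset, "/login") for _ in range(10))
    # Thirty addresses sending 1 request per second each for 3 seconds.
    for offset in range(40, 43):
        for n in range(30):
            lines.append(line(f"203.0.113.{100 + n}", offset, "/"))
    return lines


if __name__ == "__main__":
    result = detect_floods(make_sample_log())
    for ip, t in result["noisy_sources"].items():
        print(f"noisy source {ip} flagged at {datetime.fromtimestamp(t, timezone.utc)}")
    if result["flood_start"] is not None:
        print("aggregate flood from", datetime.fromtimestamp(result["flood_start"], timezone.utc))
```

The two checks are deliberately separate: the single-source burst never pushes the site-wide count over its limit, and none of the thirty distributed sources crosses the per-source limit, so each would be missed if only the other check were in place. In practice the same logic is what a managed traffic-scrubbing provider applies at far larger scale, which is why the article suggests considering one.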

Understand Cyber Threats Evolve

These are just a few of the many cyber threats against banks and credit unions today. As you can see from the variety of techniques used, cyber attacks may be designed to steal money or information or disrupt an institution’s operations. They may target the bank or credit union itself, its customers/members or its service providers.

And attackers don’t just focus on technological vulnerabilities. They also use social engineering techniques to trick people into divulging confidential information or providing attackers with access to the institution’s systems.

Assess Your Risk

The key to combating cyber threats is to conduct a comprehensive risk assessment that identifies your financial institution’s potential access points and vulnerabilities, and quantifies the potential cost of a breach. Let Doeren Mayhew’s team of credentialed IT and cybersecurity advisors help you. We can perform a risk assessment to identify your financial institution’s weaknesses and develop a roadmap to mitigate future risks. Contact us today to learn more.