On Feb. 24, 2022 the National Credit Union Administration (NCUA) released a statement warning credit unions of all sizes to be extra vigilant in their cybersecurity activities and maintain heightened awareness regarding the risks from Russian state-sponsored cyber threats.

Doeren Mayhew’s IT Advisory and Security Group suggests taking the following proactive actions now:

  • Evaluate your incident response and continuity plans and review them with the response team (ensure contact information is correct).
  • Encourage employees to be on the lookout for increased phishing attacks and inform them of how they can report possible incidents.
  • Implement multi-factor authentication wherever feasible, but especially for remote access to systems, administrative access or cloud resources.
  • Ensure connections to external, internal, and cloud resources are not allowed from foreign IP addresses.
  • Patch external and internal systems in a timely manner.
  • Perform vulnerability assessments and remediate high-risk items (known exploits available).
  • Review your credit union’s existing cyber insurance policy to make sure you are taking all required actions to ensure a claim will be paid.
  • Evaluate system and event logs and verify they are being backed up or centralized for historical review should a breach occur.

In the unfortunate event your credit union experiences a breach, you should contact the Federal Bureau of Investigation’s 24/7 Cyber Watch at 855.292.3937 or by e-mail at CyWatch@fbi.gov.

Doeren Mayhew’s IT Advisory and Security specialists are here to help. Offering a wide range of IT advisory and cybersecurity services, our specialists can assist you in staying ahead of threats by ensuring proper security measures are in place. Contact us today for assistance.