Cyber Attacks - Is Your Credit Union Prepared?

Since the invasion of Ukraine, the U.S. federal government has been monitoring potential increased vulnerabilities for U.S. businesses and infrastructure. So far, the attacks have been focused on Russia and Ukraine including denial of service and malware, but due to U.S. sanctions, cyber attacks could turn to the U.S., and credit unions have to be prepared.

In a recent webinar, Think|Stack addressed the current cyber threats facing the financial sector due to the Russia-Ukraine war.

According to TS CTO, Zachary Hill, companies should anticipate an uptick in the use of breached credentials and compromised accounts, as well as attacks on big companies, particularly those managing infrastructure like power and water.

TS CEO, Chris Sachse encourages credit unions need to assess all third-party vendors to understand how they are managing and protecting their tools and systems.

Michael Seidelman, Director of Cybersecurity at TS shares that one of the best ways to protect systems is ongoing vulnerability scans and patching, as well as making users aware of potential vulnerabilities.  He reinforced that the warnings are not overblown – Russia bankrolled $5B in cash in advance of the invasion of Ukraine in preparation for anticipated sanctions. There is a very real possibility that the U.S. could get involved in full on cyber warfare.

Here are top 5 way to proactively prepare and protect your infrastructure and data:

1. Verify and enforce least privilege access
2. Awareness of regulatory compliance that will help protect systems
3. Update EVERYTHING - software, mobile devices, tablets, routers, switches, firewalls – these are all access points to networks
4. Back-up data
5. Assess all third-party vendors 

The best protection is education.

All employees from leadership down should understand the potential vulnerabilities, how attackers access the network, and the steps to take in the event of an attack. Ongoing training is critical. And for those working remotely, leadership should ensure they are updating and monitoring personal devices as well.

Debilitating cyber attacks happen every day. It’s not a matter of “if”, but “when” and credit unions need to remain diligently focused on the development and implementation of cybersecurity policies, procedures and building a strong cyber culture to mitigate risk.