ARLINGTON, Va.— October is National Cybersecurity Awareness Month, and NAFCU is emphasizing credit unions should be aware of three things to effectively prepare for and address cyber threats.
The three issues to watch:
- FBI warns of high-impact ransomware attacks. The FBI last week released a new public service announcement to alert U.S. businesses and organizations to high-impact ransomware attacks. Barracuda – a security and data protection solutions firm – released new data in August that showed more than 70 state and local governments had suffered such attacks so far in 2019, NAFCU said.
The FBI warned the attacks "are becoming more targeted, sophisticated, and costly." The announcement included further details of how ransomware works, how businesses affected by an attack should respond, ways to protect an institution from ransomware attacks, and 12 best practices for cyber defense.
- Growth in merchants' security spending falls as data breaches rise. A recent study from Thales Esecurity found that more than a third of U.S. retailers have experienced a data breach in the past year; however, only 62% of retailers said they were increasing their security spending this year, compared to 84% who said the same last year, NAFCU noted.
The report detailed a number of concerns with retailers investing in new technologies to disrupt the market, including cloud services, that leave data vulnerable.
Cyber threats credit unions should look out for. In addition to ransomware attacks, there are a number of other threats that could hack credit unions' systems and gain access to sensitive information, NAFCU said.
- One of the top threats is business email compromise (BEC) schemes, NAFCU reminded, as CUToday.info has reported on numerous occasions. In a risk alert sent in August, the NCUA flagged for credit unions the rise of email fraud and offered tips to prevent it. Last month, the Department of Justice announced that $3.7 million had been seized and 281 had been arrested in a coordinated BEC operation.
“A number of other threats are detailed in an article from Wired, including rogue USB drives. As a data storage device used commonly in business, these sticks can contain viruses or programming to take over a computer once plugged in,” NAFCU said.