DDoS: Be Part of the Solution – Part 2

Last week we covered how to protect your organization from a DDoS Attack in part 1 of our series.  This week we will cover defense strategies and how to get started.

How do we defend?

With demonstrated success, it is apparent that DDoS attackers will likely continue their assaults whether from Al-Qassam or from other entities.  This will be a persistent threat until detection and protection mechanisms can make all targets uninteresting.  A possible way to end the attacks is to end the vulnerability.  And this is exactly what the NCUA is attempting to accomplish.

The NCUA issued risk alert 13-Risk-01 in February 2013 regarding Mitigating Distributed Denial-of-Service (DDoS) Attacks.  The purpose of the risk alert is to bring a heightened awareness of current DDoS threats to the Credit Union industry.Credit Union DDoS Attack 13-Risk-01 delivers critical and timely information regarding the growing cyber-terror threat and offers some guidelines to strengthen your information security program. Specifically the alert should draw your attention to your risk mitigation efforts, threat monitoring and reporting and the policies and procedures that help you guard against DDoS type attacks.

While no specific changes are required as a result of the alert, several key areas for emphasis are noted:

  • Specific strategies for assessing your DDoS risks should include testing/exercising with a DDoS attack scenario.
  • Voluntary filing of Suspicious Activity Report (SAR) if an attack impacts internet service delivery, enables fraud, or compromises member information – A subjective term such as “impact” should be discussed at the leadership level and communicated to the appropriate responsible department for reporting SARs. “Impact” thresholds may be calculated in terms of hours, financial loss, or reputational risk.
  • Multi-factor authentication and highly filtered or prohibited internet browsing remain strong tools for mitigating cyber threats.
  • Reminder to Credit Unions that they are responsible for monitoring systems with internet connectivity to detect actual AND attempted attacks into member information systems.
  • Installing a DDoS Solution

To further strengthen the Information Security Program, recommendations are also made for Credit Unions to participate in information-sharing organization such as FS-ISAC and US-CERT – both of which provide opportunities for more detailed information on today’s growing cyber threats.

Where do I start?

Be part of the solution that ultimately will close the vulnerability gap for you and others by;

  • Guarding your perimeter accessible services with detection and protection mechanisms,
  • Keeping your Credit Union peers informed as called for in NCUA Risk Alert 13-Risk-01,
  • Being aware of what threats exists in the industry and other related areas
  • Leveraging 3rd party risk assessment and penetration testing services
  • Following general risk mitigation practices as outlined by NCUA and FFIEC regulations

Ongoing Operations, as a Risk Assessment Partner for NeighborBench, can help provide services and expertise to make you part of the solution.

RELATED POSTS

What is a DDoS Attack?

How do DDoS Mitigation Services Work?

DDoS, DNS, ICMP, Oh My!

WANT MORE INFO? Fill out this form:

Cost-Effective Solutions for Your Credit Union

Simply fill out this form and select the topic(s) that you would like more information for, and our team will reach out shortly.

Medium

Role
I agree to receive marketing communications from Ongoing Operations regarding news, updates, products, etc.(Required)

modal close button

Welcome to the Ongoing Operations blog archive.

For our most up-to-date information, please visit ongoingoperations.com.

HOME