Patelco has confirmed that on Monday the large Northern California credit union was down for “around two hours” in a Distributed Denial of Service (DDoS) attack which overwhelms a web host with data, effectively knocking it out of commission.

Speaking in an informal interview at a CUNA GAC event on Tuesday, Ken Burns, CEO of the $3.8 billion Pleasanton, Calif., corroborated the two-hour outage.

Burns indicated that the upside is that, in January, in a first attack, the credit union was down for over five hours so the responses it implemented at that point had benefits.

But Burns also indicated he expected better and would be reviewing next steps with his internal IT staff and a third-party DDoS mitigation contractor Patelco has retained. He declined to name the contractor.

Last week NCUA issued its first DDoS “risk alert,” advising credit unions on must do's in regard to this disruptive attack format.

The current Patelco attack appeared to be the work of the same highly skilled group that perpetrated the first, the so-calledal-Qassam Cyber Fighters, generally thought to be associated with Iran, although that link has not been proven.

In the recent Patelco attack, only the member-facing website was impacted, said Burns. He elaborated that mobile banking, for instance, still had normal functioning throughout the attack. He also stressed there was no indication of any frauds committed in association with the DDoS attack, which had been a warning in the NCUA alert.

Respected security blogger Brian Krebs last week reported on a $900,000 cyber theft at San Francisco-based Bank of the West that, reported Krebs, was committed in association with a DDoS attack. The DDoS appears to have been used to confuse and distract bank IT security.

Burns stressed nothing of that kind had occurred at Patelco.

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
  • Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
  • Educational webcasts, white papers, and ebooks from industry thought leaders
  • Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.