CUNA made headlines with its warning about a planned May 7th DDoS – Distributed Denial of Service – attack that, said the trade group, was sufficiently worrisome that credit unions had to take steps to be ready.
CUNA attributed the source of word of the threat to “chatter that has been detected.”
Also Read:
- Was May 7 Only a Test?
- May 8: Attacks But No Time to Let Guard Down
- Mixed Views in LinkedIn Poll on May 7 Warning
- No Takedowns Reported Tuesday
- Anonymous May 7 Target List Includes CUs
- Krebs: DHS Memo Says 'More Bark Than Bite'
- Threat of the Week: May 7, Ready or Not
- CO-OP Issues DDoS White Paper
- CUNA Explains Thinking Behind Warning
- Reactions Vary to May 7 Warning
- DDoS Attacks Often Fraud Diversions
- CUNA Issues May 7 DDoS Warning
What chatter? That turns out to be comments not from the al Qassam Cyber Fighters – the group that has claimed the prior DDoS attacks that have knocked big U.S. banks and several credit unions offline in the past year.
Sources pointed instead to OpUSA, a shadowy hacktivist group that is affiliated with Anonymous.
OpUSA has claimed al-Qassam will be involved in the May 7 attacks, but al Qassam – a group often said to be allied with the Iranian government – has been less committal in its remarks.
As for what OpUSA has planned for May 7, the group has offered its commentary on Pastebin, the website of choice for DDoS-related announcements. (Warning: there is substantial off color language here,)
Aside from anti-Israel and anti-Obama commentary, there are no real details of what is planned for May 7.
Anonymous, the supposed manpower behind OpUSA, is a group that has had successful takedowns of public websites – recently the Spanish parliament's website became a victim. It has documented computer skills at very high levels. But the exact relationship between OpUSA and Anonymous is not presently known.
So, what should a credit union do in the run up to May 7? Experts consulted by Credit Union Times indicated that at this late date, not much could in fact be done to ward off an unknown attacker unleashing an unknown attack vector in a little over a week.
Were budgets unlimited, much could be done, said the experts, but with a typical credit union's constrained IT budget, many will decide their best course of action is to wait this one out and see exactly what damage transpires on May 7.
In the vast majority of cases, DDoS also has not been associated with data breaches. It has been an outage, plain and simple, noted one expert who indicated it was not that different from going down in an electrical storm.
“Many – most – will decide to take this route,” he said.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
