The hacker group Anonymous, which has promised to launch distributed denial of service attacks against government and financial institution websites Tuesday, released of list of targeted institutions that includes 12 credit unions.
The $16 billion Pentagon FCU of Alexandria, Va. tops the list. About 130 banks, credit unions and other financial institutions comprise the list of claimed DDoS targets in what the group is calling OpUSA.
Other credit union sites listed on the OpUSA post on Pastebin include the $54 billion Navy FCU of Vienna, Va., the $27 billion State Employees' Credit Union of Raleigh, N.C., the $12 billion Boeing Employees Credit Union of Tukwila, Wash., the $9.8 billion SchoolsFirst FCU of Santa Ana, Calif., the $8.2 billion The Golden 1 Credit Union of Sacramento, Calif., the $5.4 billion Suncoast Schools FCU of Tampa, Fla., the $5.6 billion American Airlines FCU of Fort Worth, Texas, the $8.3 billion Alliant Credit Union of Chicago, the $7.2 billion Security Service FCU of San Antonio, Texas, the $6.2 billion San Diego County Credit Union of San Diego and the $5.8 billion America First FCU of Riverdale, Utah.
Also Read:
- Was May 7 Only a Test?
- May 8: Attacks But No Time to Let Guard Down
- Mixed Views in LinkedIn Poll on May 7 Warning
- No Takedowns Reported Tuesday
- Krebs: DHS Memo Says 'More Bark Than Bite'
- Threat of the Week: May 7, Ready or Not
- CO-OP Issues DDoS White Paper
- CUNA Explains Thinking Behind Warning
- Reactions Vary to May 7 Warning
- DDoS Attacks Often Fraud Diversions
- Mark Your Calendar (or Not) for May 7 Attacks
- CUNA Issues May 7 DDoS Warning
John Magill, CUNA executive vice president of governmental affairs, said during a Monday morning press call he has spoken to NCUA staff members about the attack, and they said the regulator is aware of the target list and has contacted the 12 credit unions. The NCUA and credit unions listed did not respond to requests for comment, except for the nation's second-largest credit union.
“We regret that such attacks may inconvenience our members,” said SECU President/CEO Jim Blaine. “We are certain that enhancing the reliability of our systems is a perpetual obligation and opportunity for our credit union. System integrity is not a one day event nor a one day concern for SECU. It's an everyday issue and commitment.”
Kevin Prince, chief technology officer at the Santa Ana, Calif.-based technology management firm Compushare, said the attack could be impactful, but added nobody knows how it could play out.
Compushare has worked on an FBI task force for a long time combating Anonymous cyberattacks, and Prince said the bureau “is having a hard time doing anything about it.” He described law enforcement attemtps to fight the loose collective of so-called hacktivists like chopping off one head, only to find two more have grown back in its place. Anonymous has called for other hacktivist groups to join them in planned cyberattacks, including the May 7 DDoS attack, he said.
Prince, who was a guest on CUNA's call, recently released a white paper that reassures small financial institutions they're not likely targets, but nonetheless provides ways to prepare in case they are, or simply worry they may be.
In reality, he said, there's very little a small credit union can do to stop a DDoS attack.
“You can't just tweak the firewall. It simply doesn't work that way,” he said.
Instead, Prince advised, credit unions should work with their internet service provider to stop the attack “upstream” before it gets to the credit union's website or online banking service.
Because most credit unions don't host their own online banking site, working instead with a third party provider or core processor, their prep time would be better spent reviewing third party due diligence than attempting to shore up their own connections, he said.
The white paper, titled “DDoS Attacks: How Real Are the Risks for Community Financial Institutions”, is available to be downloaded on Compushare's website.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
