WASHINGTON – Cyber-terrorists who seek to cripple or destroy the U.S. infrastructure threaten financial institutions, NCUA Chairman Debbie Matz told a CUNA Governmental Affairs Conference audience here Monday morning.
“Attacks, intended to create disruption, can crash networks but can also serve as a diversion for more damaging assaults,” Matz told a packed general session. “Imagine cyber-terrorists stealing passwords from your credit union and using (it) as an entry point to gain access to every payment system and every vendor with which you have a digital relationship.”
That scenario is more than just a what-if. Matz said hackers already breached a mid-sized credit union and used the credit union's passwords to access one of the larger credit bureaus.
“From there, the hackers stole credit reports on hundreds of people who weren't even credit union members,” she said.
To help credit unions fight the threat, Matz announced a new page on the NCUA's website that provides information, including preventative measures credit unions can take. The NCUA is also participating in a cyber-threat working group with other regulators, law enforcement and intelligence communities, she said.
At the NCUA, Matz said, stringent security measures are in place to protect members' information.
Matz urged officials to protect their credit unions by working collaboratively with their information technology teams, vendors, and other credit unions. She offered three specific ways credit unions can protect themselves from cyber terrorism:
- Implement appropriate risk-mitigation controls to better protect, detect and recover from cyber-attacks. This includes vendor due diligence, strong password policies, proper patch management, employee training and network monitoring.
- Make sure IT staff and vendors are on top of emerging cyber-threats. Hire experts who can be counted on to answer the very tough question: “Is my credit union really protected?”
- Get educated. Share cyber-security best practices with each other at league meetings, chapter meetings and professional groups. Participate in national information-sharing forums.
Matz also encouraged credit unions to review the National Institute of Standards and Technology cyber-security framework to evaluate how the standards could further protect credit unions and their members. The standards are part of President Barack Obama's cyber-security goals, she said.
Matz also touched upon interest rate risk, urging her audience to avoid chasing short-term yields and instead keep investment portfolios that mitigate long-term risk.
“It's easy to fall into the trap of chasing near-term profits by concentrating your portfolio in long-term investments, but falling into this trap will imperil your credit union,” Matz said. “Credit unions cannot afford to ignore this,” she said. “Ignoring rising rates is like pitching a tent on the beach at low tide. That tide is shifting. This swing from unrealized gains to unrealized losses marks a dangerous warning of things to come.”
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
