Arming Your Employees and Members Against a Cyberattack

In 2018 the word “cybersecurity” has been included somewhere in the news every single day. Cybercrimes continue to impact financial institutions, businesses and consumers to an uncomfortable level, and the unfortunate truth is there is no end in sight for these crimes.

To make things worse, credit unions face the risk of being exposed to an attack that can come from within the organization (internal) or from an outside source (external). In fact, the top reported cyberattacks in 2018 resulted from varying types of internal and external exposures. These include security breaches, system glitches, software system hacks, ransomware and unauthorized access to private accounts.

To help keep your credit union protected from cybercrimes of any kind, it is necessary to dig into the security tools and proactive procedures you have in place for preventing both an internal or external cyberattack. It is equally as important to raise awareness of these risks while making prevention education readily available to your employees and members.

The following are essential details about detecting and preventing both internal and external cyberattacks. This information should be shared far and wide so employees and members alike are armed with the knowledge needed to catch and report these crimes.

Internal Cyberattack

How do these crimes occur and what do they look like? Internal cyberattacks occur when a credit union system or employee computer has been infected with malware. Oftentimes these crimes result from a phishing attack, where the employee grants the cybercriminal internal access by responding to an infected email or opening an infected attachment. Once the criminals are in, they fraudulently move funds out of your credit union using any number of electronic payment methods, including home banking, account-to-account, person-to-person, ACH, wire or card payments.

These threats are becoming more sophisticated and complex, and unless you and your employees know the warning signs, these well-disguised attacks – such as the “business email compromise” exposures recently reported by BankInfoSecurity – can be difficult to spot.

What can be done to prevent the crimes? To most effectively protect your credit union and employees from these internal cybercrimes, proactive planning needs to occur and strong security controls need to be implemented right away. Additionally, required fraud trainings should be presented to all staff members, so that all of your employees know how to best recognize and report a potential attack.

External Cyberattack

How do these crimes occur and what do they look like? External cybercrimes attack your members through various means and points of entry outside of your credit union. These attacks continue to grow and evolve as data breaches continue to grow and evolve, the large majority of which involve business data exposures (like Equifax and Facebook).

External data breaches often result from skimming attacks, system intrusions or remotely-obtained access to the data. However, cybercriminals will continue evolving their methods to seek and find any weaknesses or opportunities to break into businesses or systems housing consumer data. Once these criminals successfully obtain this data, they will likely sell the information or use it to perform fraudulent purchases.

What can be done to prevent the crimes? Historically, most external attacks have involved card data. But more recently, these attacks have shifted toward the theft of personal and financial information. This is why it is so important to provide cybercrime education to your members. This education should include what kinds of crimes are most prevalent today, how they are occurring, and how they can be spotted and reported.

You should also let your members know what your credit union is doing to protect members’ accounts from being hacked, so that your members understand and value the importance of your authentication methods – which may at times seem tedious or needless.

Additional Methods for Managing Cybercrimes

Don’t wait until the cybercrime hits your financial institution or accountholders. We all need to be proactive in the fight against the cybercriminals. With that in mind, make sure your credit union sets aside time to build up your defenses against fraud crimes coming from within or outside of your organization.

Proven cybercrime prevention methods include the following:

• Understand how a threat can impact your financial institution and your accountholders, i.e. what kinds of crimes are covered, which aren’t, and what needs to be done proactively and reactively to different kinds of attacks.
• Educate employees and accountholders on how to spot a potential cyber threat and what to do when suspicious of an attack.
• Complete an internal cyber risk assessment. Consider enlisting external support from qualified experts.
• Validate any vendors with access to your data have recently performed a cyber risk assessment.
• Confirm your business continuity plan includes cyber exposure response procedures.
• Validate all layers of security controls in place for all systems and software applications.
• Advise that your employees and members not open any attachment or click on any email from an unknown or unexpected source.
• Lock your computer at all times when not in use and turn it off when not being used.
• Utilize system intrusion monitoring and detection systems along with programs to detect malware.
• Set daily dollar and transaction limits on the financial institution level and member account level.
• Require a password/passcode on members’ accounts to help prevent someone else from getting into the account.
• Require a password/passcode prior to allowing outbound electronic funds, i.e. an ACH or wire.
• Test/trial balances on A2A and P2P or any other type of electronic movement of funds.
• Monitor passwords/passcodes, dollar limits, PINs or maintenance changes on accounts to spot early warning signs of phishing or identity fraud.
• Enable multifactor authentication for account access or transaction requests posed in person, online or over the phone. The most effective authentication measures require all three of the following identifiers:
  1. Something you know – password/passcode
  2. Something you have – security token
  3. Something you are – biometrics verification
• Prepare, monitor and quickly react to a cyber event.
• Utilize multiple layers of security to prevent system intrusions and transaction risks. Especially with your payment cards, confirm you have all of the card security layers in place and they are working effectively along with accountholder notification alerts.
• Validate and confirm all of your third-party vendors have measures in place to prevent and manage cyber risks.
• Adopt proven fraud prevention tools and security technologies – tokenization, end-to-end encryption and chip technology for payment cards.

At the end of the day, cybercriminals just want to put money in their pockets – no matter the means. These criminals will continue to find new ways to break past authentication layers from within and without. Make sure you are taking proactive measures to prevent these crimes, so you are prepared when – not if – another attack should come for your credit union or members.

Ann Davidson is Vice President, Risk Consulting for Allied Solutions, LLC. She can be reached at ann.davidson@alliedsolutions.net.