CUNA Back Online After Undisclosed 'Cyber Incident'

CUNA is apparently up and running as of Wednesday night after an undisclosed cyber incident knocked at least some its IT systems offline for more than two days.

CUNA sent out an announcement and letter to its members stating that it restored access to its website and online resources for all leagues and members.

The letter read:

Dear credit union member,

We are pleased to share that as of last night, we have restored access to our site and other online resources. We want to thank you for your patience as we worked around the clock to restore these systems. We apologize for the inconvenience and frustration this may have caused as you had trouble accessing our services.

If you are still experiencing trouble accessing cuna.org or other online resources, please email hello@cuna.coop.

An alert on CUNA’s website, which described the outage as “technical issues” with its systems, was removed.

On Tuesday CUNA said it was addressing what it described as a “cyber incident.”

“CUNA is in close contact with the FBI and fully cooperating with their investigation,” CUNA said in its prepared statement. “We regret any inconvenience this may cause and are working diligently to restore our systems as quickly as we can and to put in measures to support our League partners and members. Our investigation remains ongoing.”

CUNA did not report in its statement when the cyber incident was initially discovered, which IT systems were affected and in what specific ways the event was affecting its operations.

On its home page, CUNA posted a brief statement that it was working nonstop to get its systems back online.

“While we continue to fix the problem, we’re available at hello@cuna.coop if you need anything,” the post read.

However, TechCrunch reported Wednesday that “CUNA’s systems were knocked offline Monday as a result of ransomware, according to a source familiar with the incident who was not authorized to talk to the press. The type of ransomware used is not immediately known, but CUNA is understood to predominantly run Microsoft software, which is frequently a target of ransomware.”

In October CUNA hosted a simulated ransomware attack, aimed at helping credit unions defend against ransomware using a simulated ransomware attack at Credit Union House in Washington, D.C., and remotely. CUNA joined with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and ManTech, a provider of cybersecurity solutions, to conduct the session.

Ransomware attacks often begin with phishing emails with fake links to install malware to encrypt and hold hostage the target’s files or computers. Hackers then demand a ransom from the affected entity to remove the encryption.

CUNA has not confirmed what caused the cyber incident.