Global cybersecurity concerns rise. (Source: Shutterstock).
The Russian military aggressions into Ukraine over the past week appeared to follow a significant uptick in cyberattacks happening in several sectors, including the financial industry.
In an interview with CU Times, Chris Sachse, CEO of the Baltimore-based cloud and cybersecurity organization Think|Stack, said, "We have seen hundreds upon hundreds of percentage increase in attacks over the last two to three weeks. We are seeing the activity levels in ways that we haven't seen."
He added, "We are continuing to see that trend and we are continuing to see a spike in the number of attacks that are occurring way more so since the conflict."
The Department of Justice, FBI, National Security Agency and the Cybersecurity and Infrastructure Security Agency released a series of cybersecurity warnings last month during Russia's build-up to invade Ukraine.
During the Munich Security Conference in February, Deputy Attorney General Lisa Monaco said, "Given the very high tensions that we are experiencing, companies of any size and of all sizes would be foolish not to be preparing right now as we speak to increase their defenses, to do things like patching, to heighten their alert, to be monitoring in real time, their cybersecurity."
The concerns over a possible and massive cyberattack were top-of-mind at the general session of CUNA's Governmental Affairs Conference on Monday. After greeting the crowd, NCUA Chairman Todd Harper immediately addressed his growing unease of a pending cyberattack.
"Before I begin today, I want to discuss the current situation in Ukraine," Harper said. "The conflict there has raised concerns about potential cyberattacks here in the U.S., including those against the financial services sector."
Harper continued, "I cannot stress this enough: All credit unions and vendors, regardless of size, are vulnerable to cyberattacks. Given the events over the last few days, attacks on financial institutions are potentially imminent. So, all parties within the system must maintain the highest level of alertness."
Sachse agreed with Harper on the vigilance needed at this time. He pointed out that historically hackers conduct phishing scams or tap into an organization's system to steal cash.
Chris Sachse "In this case, I'm not worried about the Russians stealing our money," said Sachse. "I'm worried about them creating so much disruption to a system simultaneously that it causes panic."
His worry concerned Russia's ability to conduct a locally-focused attack on credit unions, health care providers, energy companies and school systems. Sachse said, for instance, what if Russia or another group decided to focus on one city and hit the credit unions there with ransomware at the same time? In that case, people wouldn't have access to their accounts for days. "The panic that would have ensued I think would have created the type of situation that Russia is really looking for – which is somewhat like a terrorist attack."
He said Russia appears to be focused on pure disruption, especially since the U.S. and several other countries have imposed economic sanctions against Russia, which has potentially caused an almost instant recession for the country.
"Their banking system now feels threatened, so they're going to hit ours," Sachse warned.
Sachse said Think|Stack is advising its clients and the credit union industry at large to take steps to ensure systems are as secure as possible, including the following:
- Make sure systems are up-to-date with the latest programs and security patches.
- Review your credit union's incident response plan and conduct table-top exercises.
- Evaluate your most recent vulnerability scans and security assessments.
- Install multi-factor authentication for employees and members.
Sachse said now is not the time to be complacent with cybersecurity measures.
"What we've seen by and large is somewhat of a false sense of security with a lot of credit unions to be honest with you," he said. "Because they're regulated, a lot of the boards and executive teams are sitting back and saying, 'We're good! The regulators were out here.' Unfortunately, the regulators aren't cybersecurity professionals."
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Michael Ogden
Editor-in-Chief at CU Times. To connect, email at [email protected]. As Editor-in-Chief of CU Times since 2016, Michael Ogden has led the editorial team in all aspects of content strategy and execution, including the creation of the publication’s exclusive and proprietary research database of the credit union industry’s economic landscape. Under Michael’s leadership, CU Times has successfully shifted to an all-digital editorial product with new focuses on the payments, fraud, lending and regulatory beats. Most recently, he introduced a data-focused editorial product for subscribers that breaks down credit union issues into hard data, allowing for a deeper and more factual narrative for readers. In 2024, he launched the "Shared Accounts With CU Times" podcast, which offers a fresh, inside-the-newsroom perspective through interviews with leaders from the credit union industry and the regulatory world. He dives into pressing credit union issues, while revealing the personalities working behind-the-scenes to push the credit union world forward. His background includes years as a radio and TV anchor/reporter and a public relations and digital/social media manager, where he covered the food and music industries, as well as cooperatives and credit unions. Over the years, he has launched numerous exclusive video and podcast series, including a successful series of interactive backstage interviews with musicians at music festivals, showcasing his social media and live streaming production skills.
