Author: Jenny Roland-Vlach, JRoland-Vlach@jackhenry.com
Here we are at the end of April and my inbox has had quite a few email alerts from various regulatory entities. These alerts have covered an array of topics, the most prevalent being an apparent current uptick in cyber-related risk. So, in case you missed one of these among the multitude of emails you probably receive each day, I thought I would use this opportunity to provide a brief overview of this recent flurry of activity, plus suggested steps to address the objectives outlined.
Cyber-Attacks on Financial Institutions ATM and Card Authorization Systems
In light of the ATM cash-out schemes that had taken place recently, an alert was issued to provide details on how this type of fraud had occurred, the risks presented to financial institutions (FIs), and what FIs could do to mitigate these risks.
Essentially, the criminals behind these cash-out schemes were able to gain access to web-based ATM platforms, perhaps through malware installed via phishing emails. Once inside, they manipulated withdrawal limits and then simultaneously hit multiple ATMs, withdrawing large amounts of cash. One such attack by the group Unlimited Operations was able to net over $40 million.
The alert went on to list measures that FIs should take to help mitigate potential attacks, including:
If there is an item on this list that you have not addressed in some time, use this as an opportunity to get it up-to-date.
Distributed Denial-of-Service (DDoS) Cyber-Attacks and Risk Mitigation
Everyone is well aware of the DDoS attacks that have been plaguing FIs since 2012. These attacks have been used to slow website response times or render websites unavailable altogether. In more dire situations, DDoS attacks have been used as a distraction while running a corporate account takeover attack. This alert and the ongoing publicity surrounding these attacks mainly serve as a reminder that these attacks will probably not be going away anytime soon and that there are steps FIs can take to prevent and deal with an attack. The following steps are expected of FIs:
The FDIC provides a listing of resources that can be used to better identify and mitigate potential cyber-risks. These sources are both government entities and government-sponsored entities and include the following:
The FDIC encourages subscribing to these various groups to ensure that you receive regular security alerts, tips, and other updates. They also encourage visiting vendors’ websites and checking with those vendors for existing user groups.
OpenSSL “Heartbleed” Vulnerability
I have no doubt that you have already heard a good deal about the Heartbleed vulnerability given the prolific amount of media attention that it has received. This alert highlights how an attacker may be able to exploit the vulnerability and potentially access a server’s private cryptographic keys, resulting in compromised security of the server and its users. The information gained could be used to impersonate FIs, steal login credentials, access sensitive information or gain access to internal networks.
This alert provides additional measures for FIs to implement accordingly:
It ends with encouragement to utilize cyber-security resources like the ones I mentioned earlier.
Obviously, FIs have had a good deal of information thrown their way over the past few weeks. Most of the expectations outlined in these alerts should already be a part of your current risk-based processes. However, it is important not to let these alerts become background noise. They should serve as reminders to review and update your risk management and compliance efforts and to ensure they continue to meet those expectations.
Keeping your policies and procedures up-to-date and capitalizing on valuable cyber-security resources will also help in these proactive efforts.