WASHINGTON—The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued two alerts addressing risks from Russian State-Sponsored cyber threats and highlighting recent malicious cyber incidents suffered by public and private entities in Ukraine.
NCUA, along with CISA, the Federal Bureau of Investigation, and the National Security Agency encourage credit unions and their cybersecurity teams nationwide to adopt a heightened state of awareness and to conduct proactive threat hunting.
“Credit union leadership should be aware of critical cyber risks and take urgent steps to reduce the likelihood and impact of a potentially damaging compromise,” CUNA stated.
NCUA is encouraging credit unions to review the two CISA issuances and act on the applicable recommendations.
The NCUA recently created the Automated Cybersecurity Evaluation Toolbox (ACET) for federally insured credit unions to evaluate their cybersecurity posture. For more information, visit NCUA’s cybersecurity resources website.
What CUs Should Do
The agency said credit unions that experience a cyber incident, should contact FBI’s 24/7 Cyber Watch at 855-292-3937 or by e-mail at CyWatch@fbi.gov. Any contact should include the following information regarding the incident: date, time, and location of the incident; type of activity; number of people affected; type of equipment used for the activity; the name of the submitting company or organization; and a designated point of contact.
To request incident response resources or technical assistance related to these threats, contact CISA at CISAServiceDesk@cisa.dhs.gov or 888-282-0870.