ALEXANDRIA, Va. –NCUA is reporting it has been seeing a “concerning rise in cyberattacks" against credit unions, CUSOs, and other third-party vendors supplying financial services products, saying the incidents are directly related to critical vulnerabilities in the MOVE it Transfer web application, as well as other attacks unrelated to MOVE it.
According to NCUA, the critical vulnerabilities in the MOVE it Transfer web application are:
- CVE-2023-34362;
- CVE-2023-35036; and
- CVE-2023-35708.
The NCUA said it is asking credit unions to be “vigilant” in protecting their data and operations from all threats, including ransomware, phishing or social engineering leading to business email compromises, and distributed denial-of-service (DDoS) attacks.
“We urge all credit unions and associated entities to take immediate and comprehensive action to protect their systems, sensitive data, and the financial well-being of their members,” the agency said.
Recommendations Offered
NCUA is recommending the following mitigation steps and best practices to safeguard against these evolving cyber threats:
- Patch and Update MOVEit Transfer Web Application. “If your organization uses the MOVEit Transfer web application, apply the necessary security patches immediately to address the vulnerability. Progress Software released a security advisory that details the risks and mitigation steps, which can be accessed on the Cybersecurity & Infrastructure Security Agency website.”
- Multi-Factor Authentication. “Implement multi-factor authentication for all sensitive accounts and systems, including email accounts and remote access portals. This adds an extra layer of protection against unauthorized access and phishing attempts.”
- Employee Cybersecurity Awareness Training. “Conduct regular cybersecurity training for all employees to raise awareness about phishing, social engineering, and other common attacks,” NCUA said. “Educate employees about the risks and implications of clicking on suspicious links or opening malicious attachments.”
- Email Security and Anti-Phishing Measures. “Deploy advanced email security solutions with phishing detection and blocking capabilities. Utilize Slender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Authentication, Reporting, and Conformance (DMARC) protocols to prevent email spoofing and enhance email authenticity,” NCUA said.
- Incident Response Plan. “Develop and regularly test an incident response plan to ensure a swift and coordinated response in the event of a cyberattack. Assign specific roles and responsibilities to designated personnel and rehearse various attack scenarios.”
- Vendor Risk Management. “Review and assess the cybersecurity practices of all third-party vendors that provide financial services and products, including CUSOs. Verify that vendors use sound risk management principles, have robust security measures in place, and review their security posture regularly.”
- Network Segmentation and DDoS Protection. “Implement network segmentation to contain the impact of a potential compromise. Deploy DDoS protection measures, such as traffic filtering and rate limiting, to defend against DDoS attacks,” NCUA stated.
- Regular Data Backups and Recovery Testing. “Maintain frequent data backups and test the data recovery process regularly. In case of a ransomware attack, backups can prevent data loss and reduce the need to pay the ransom.”
- Threat Intelligence Sharing. “Participate in threat intelligence sharing communities to stay informed about emerging threats and attack trends. Sharing information can help strengthen the industry’s collective defense.
- Continuous Monitoring and Security Updates. “Monitor network traffic, logs, and systems continuously to detect and respond promptly to any suspicious activities. Stay informed about the latest security updates and apply patches promptly.”
‘Enhance Security Posture’
“Proactive cybersecurity measures safeguard the integrity, confidentiality, and availability of credit union systems and data,” the agency said. “By adopting these mitigation steps and best practices, credit unions and their partners can enhance their security posture and protect against the recent uptick in cyberattacks.”
The agency said credit unions with additional questions should contact their regional office or visit Cybersecurity Resource Center.
Get CUToday.info’s Industry Leading Morning Headlines Email, For Free!
The biggest, best and freshest news reporting in credit unions remains free in ’23! Each morning CUToday.info delivers its daily Fresh Today news update offering the latest headlines and breaking news right to your email, with the easy-to-read headlines format allowing you to click on the stories that interest you most in order to learn more.
If you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time—and it’s free!
Please note that after signing up you may need to go to your Spam/Junk folder and mark the morning headlines email as safe. CUToday.info does not provide its list of readers and emails to outside parties, and we will not be contacting you to sell you an extended warranty or sending you any links so you may cash in on an inheritance you didn’t know was coming.
And did we mention it’s free?
Please note and/or make your IT department or email administrator aware the emails will be coming from the domains CUTodayinfo.com and CUTodayinfoReply.com.