Distributed denial-of-service (DDoS) attacks are sophisticated cyber-attacks where criminals attempt to disrupt a machine or network’s online services by overwhelming it with high-volume traffic.
There is a number of reasons why cyber criminals would want to use a DDoS attack, ranging from so-called “hacktivism” — a term given to activism through the medium of hacking — to ransomware, stealing customer data, holding online properties for ransom, and even hiding fraud. The National Credit Union Association (NCUA) reports a wave of DDoS attacks last year that nearly overwhelmed Automated Clearing House systems was actually related to what appears to be an internet conspiracy.
According to the NCUA, “These attacks on the payments system are part of a concerted fraud scheme based on conspiracy theories found on social media and member-only blogs and chat rooms across the internet. Although these theories are easily refutable, it is important to know their basic premise: Several groups or individuals believe there is property or money being held in a trust that was set up at birth for every citizen by the U.S. government. All the supposed owner needs to do to access these funds through the payments system is to use the Federal Reserve Systems’ routing numbers and the owner’s social security number as the account number.”
To make the situation worse, instructions for carrying out this fraud have been widely posted on social media and video-sharing platforms, enabling even amateur cyber criminals to commit DDoS attacks. For credit unions, DDoS attacks are dangerous distractions that can damage member trust and the credit union’s reputation.
Here’s what credit unions can take away from previous DDoS attacks:
Learning from past attacks means being better prepared in the future to halt attacks and recover faster.