August 04, 2023

NCUA warns CUs of increased cyberattacks

NCUA logoThe NCUA Thursday alerted credit unions to “a concerning rise in cyberattacks against credit unions, credit union service organizations (CUSOs), and other third-party vendors suppling financial services products.” The agency noted many of these attacks are directly related to critical vulnerabilities in the MOVEit Transfer web application – a managed file transfer application used throughout the financial sector to securely transfer large volumes of sensitive data between systems.

In June, the Cybersecurity and Infrastructure Security Agency (CISA) alerted the public about Progress Software’s security advisory regarding a vulnerability within MOVEit Transfer. CISA urged users and organizations to review the MOVEit Transfer advisory, follow the mitigation steps, and apply the necessary updates when available. The NCUA issued an alert for credit unions, urging the industry to prioritize applying necessary updates and actively searching for any signs of malicious activity.

In the notice sent Thursday, the NCUA urged credit unions and other entities “to take immediate and comprehensive action to protect their systems, sensitive data, and the financial well-being of their members.” The agency outlined mitigation steps and best practices to safeguard against these cyber threats, including to:

  • patch and update MOVEit Transfer web application, directing credit unions to CISA’s advisory;
  • implement multi-factor authentication for all sensitive accounts and systems;
  • conduct regular cybersecurity training for all employees to raise awareness about phishing, social engineering, and other common attacks;
  • deploy advanced email security solutions with phishing detection and block capabilities;
  • develop and regularly test an incident response plan to ensure a swift and coordinated response in the event of a cyberattack;
  • review and assess cybersecurity practices of all third-party vendors that provide financial services and products;
  • implement network segmentation to contain the impact of a potential compromise;
  • maintain frequent data backups and test the data recovery process regularly;
  • participate in threat intelligence sharing communities to stay informed of emerging threats and attack trends; and
  • continuously monitor network traffic, logs and systems to detect and respond promptly to suspicious activities.

Additional cybersecurity resources can be found on the NCUA’s Cybersecurity Resource Center.