Fast Facts: Recent Cyber Attacks
The Financial Services Roundtable released its 2012 Fast Facts Book in September, which contains Fast Facts from January 2012 through July 2012. We shared information on preventing financial exploitation of of the elderly in a recent post. Below are some updated Fast Facts on recent cyber attacks.
FACT: Since late September 2012, large financial institutions have been the subject of (or threatened to be the subject of) attacks intended to disrupt the availability of their Web sites. A group that calls itself the Cyber Fighters of Izz ad-din Al Qassam has claimed credit for these attacks.
FACT: The attacks have flooded certain bank Web sites with an extremely high volume of electronic traffic from thousands of locations around the world. This flood of traffic, called “a distributed denial of service (DDoS) attack,” is intended to slow down or disable the bank’s Web site.
FACT: The attacks are not designed to be – and have not resulted in – a data breach, hacking, or unauthorized access to consumer information.
- Consumers can access their accounts through alternative means, including bank branch offices and call centers.
FACT: The financial services industry has robust cyber protections in place.
- Banks collaborate with other banks, federal regulators such as Treasury, law enforcement officials, other government agencies such as the FBI and DHS, Internet Service Providers, and Internet security experts to fully analyze and deflect online attacks and deliver safe and consistent online service.
- Financial services institutions use sophisticated online security strategies to protect customer accounts and continue to invest in technology to increase capacity and defend against potential attacks.
- Financial services institutions are regularly examined by their primary federal regulator to ensure their compliance with cybersecurity regulations and information standards, including standards set in the Gramm-Leach-Bliley Act, Payment Card Industry Data Security Standard, and FFIEC Information Technology Examination Handbooks.
- Financial services institutions collaborate with the Financial Services Information Sharing and Analysis Center (FS-ISAC) which is an industry forum for collaboration on critical security threats facing the financial services sector.
FACT: While there is nothing in particular that customers can do in response to the DDoS attacks, consumers can improve the general security of their private information by using the following tips:
- Install on your computer—and keep updated—anti-virus software, firewall and anti-spyware software.
- Set your computer’s operating system and browser to “automatic download” to ensure your operating system and browser include the latest security updates.
- Don’t get hooked by phishing. Do not respond to unsolicited emails requesting personal information and do not download attachments on unsolicited emails.
- Use strong passwords and change them regularly. The best passwords are long—a minimum of 8 characters—and complex. Not your birthday or the name of a child or pet. Use a combination of numbers, symbols and letter; something meaningful to you like an acronym or batting averages, but not easily guessed.
For additional resources and examples of member programs, visithttp://www.fsround.org/fsr/financial_literacy/financial_literacy_corner.asp.