Credit Unions Are Waging War with a New Generation of Cybercriminals

Like many other criminal activities, cybercrime thrives under the cover of uncertainty, fear, and confusion. The COVID-19 pandemic and the resulting economic strife, as well as civic unrest in the United States, has certainly offered cybercriminals this cover. When I step back from our day-to-day efforts to keep our clients’ organizations safe, it is clear that we are facing a rapid evolution of cybercriminal sophistication. When I consider some of the themes we are confronting in our fight against cybercrime, four issues come to the top of my mind—the frequency of cyberattacks, the sophistication of attack targeting, the increasing use of artificial intelligence to perfect attacks, and the challenge of a work-from-home workforce. Frequency of Attack Typically, we see a downturn in cyberattacks after the winter holidays. Cybercriminals develop new versions of their technology tools, just as reputable companies do, and frequently use January and part of February to perform these updates. At some point in February, cyberattack activity usually accelerates again. However, rather than a lull, the first quarter of 2020 featured a profound increase in activity. Leveraging the COVID-19 pandemic was an ideal opportunity for cybercriminals, and as we moved into March, phishing attempts increased by over 600%. Additionally, SilverSky and other cybersecurity companies across the industry were seeing four-to-six times the number of attacks we normally see during the first five months of the year. 1 So a major theme of 2020 so far has been the large increase in the frequency of attacks, and although we may experience letups in activity here and there, I believe the increased frequency of attacks is likely here to stay. Sophisticated Targeting of Attacks Not so long ago, cyberattacks were primarily a game of brute force. Cybercriminals launched attacks on as many targets as possible, and by their sheer numbers, some attacks succeeded. As the cybersecurity industry became much better at detecting, preventing, and remediating these attacks, criminals have become much better at targeting in hopes of evading detection. One key method cybercriminals are using to accomplish this is to spend more time researching and identifying targets. This research allows them to determine the likely job functions of their targets, the type of information the targets probably have access to, and the impersonation messaging and keywords most likely to elicit the desired response. For example, malware might be effectively distributed in resumes when targeting HR professionals. Or perhaps an accounts payable professional can be tricked into making an illicit payment. While brute force social engineering attacks are likely to be easily detected by today’s technology, well-researched and targeted attacks can more effectively evade detection. Artificial Intelligence Facilitates Ongoing Improvement Just as cybersecurity companies are increasingly incorporating AI into their technology to detect and prevent attacks, hackers are utilizing AI to improve success on their end. For example, criminals can use AI to conceal malicious codes in everyday applications. Hackers could program the codes to execute at a specific time or based on specific criteria—maybe after the application has been installed for a specified period of time or maybe after a set number of users have subscribed to the application. Concealing malicious code and triggering code in these ways requires AI models and private keys to control the place and time the malware will execute. Because AI-driven technology is designed to acquire data and intelligence and adapt accordingly, by utilizing well-constructed AI models, hackers can conceal malicious code for a long time without detection. All the while, AI algorithms are gathering insights that allow the hackers to strike when the application is most vulnerable. Also, criminals are increasingly using AI to execute intelligent attacks that self-propagate over a system or network. AI-fueled malware can exploit unmitigated vulnerabilities leading to an increased likelihood of inflicting maximum damage. For example, if an AI-driven attack encounters a patched vulnerability, it will automatically adapt to try either a different kind of attack or to seek different vulnerabilities. Ongoing Work-from-Home Everything that I am hearing from our credit union customers suggests that working from home will be a long-term and perhaps permanent proposition. Therefore, credit unions must move beyond thinking about working from home, and the resulting security challenges, as a state that will end any time soon. We must recognize that we cannot control workers’ home networks. We have no idea what IoT devices are connected, what neighbors are in proximity, what guests may be logging onto their networks, and what outdated equipment may be in use. Training and education are musts, along with establishing work-from-home agreements and procedures. In addition, the utilization of VPNs, multifactor authentication, effective endpoint management, and many other measures are a must. In short, credit union cybersecurity procedures, efforts, and technology will need to adapt quickly to the new environment. These are daunting times, requiring a great deal of thought and many technological resources. Additionally, the road ahead will only become more complex. If you need help, SilverSky is here for you. Don’t hesitate to reach out to us at 1-800-234-2175 or learn@silversky.com. “Cyber-Attacks Up 37% Over Past Month as #COVID19 Bites,” Phil Muncaster, InforSecurity, April 1, 2020

Like many other criminal activities, cybercrime thrives under the cover of uncertainty, fear, and confusion. The COVID-19 pandemic and the resulting economic strife, as well as civic unrest in the United States, has certainly offered cybercriminals this cover. 

When I step back from our day-to-day efforts to keep our clients’ organizations safe, it is clear that we are facing a rapid evolution of cybercriminal sophistication.  When I consider some of the themes we are confronting in our fight against cybercrime, four issues come to the top of my mind—the frequency of cyberattacks, the sophistication of attack targeting, the increasing use of artificial intelligence to perfect attacks, and the challenge of a work-from-home workforce.

Cybercriminals Increase Frequency of Attack

Typically, we see a downturn in cyberattacks after the winter holidays. Cybercriminals develop new versions of their technology tools, just as reputable companies do, and frequently use January and part of February to perform these updates. At some point in February, cyberattack activity usually accelerates again. However, rather than a lull, the first quarter of 2020 featured a profound increase in activity.

Leveraging the COVID-19 pandemic was an ideal opportunity for cybercriminals, and as we moved into March, phishing attempts increased by over 600%. Additionally, SilverSky and other cybersecurity companies across the industry were seeing four-to-six times the number of attacks we normally see during the first five months of the year. 1

So a major theme of 2020 so far has been the large increase in the frequency of attacks, and although we may experience letups in activity here and there, I believe the increased frequency of attacks is likely here to stay.

Sophisticated Targeting of Attacks

Not so long ago, cyberattacks were primarily a game of brute force. Cybercriminals launched attacks on as many targets as possible, and by their sheer numbers, some attacks succeeded. As the cybersecurity industry became much better at detecting, preventing, and remediating these attacks, criminals have become much better at targeting in hopes of evading detection.

One key method cybercriminals are using to accomplish this is to spend more time researching and identifying targets. This research allows them to determine the likely job functions of their targets, the type of information the targets probably have access to, and the impersonation messaging and keywords most likely to elicit the desired response.  

For example, malware might be effectively distributed in resumes when targeting HR professionals. Or perhaps an accounts payable professional can be tricked into making an illicit payment. 

While brute force social engineering attacks are likely to be easily detected by today’s technology, well-researched and targeted attacks can more effectively evade detection. 

Artificial Intelligence Facilitates Ongoing Improvement

Just as cybersecurity companies are increasingly incorporating AI into their technology to detect and prevent attacks, hackers are utilizing AI to improve success on their end. For example, criminals can use AI to conceal malicious codes in everyday applications. Hackers could program the codes to execute at a specific time or based on specific criteria—maybe after the application has been installed for a specified period of time or maybe after a set number of users have subscribed to the application. Concealing malicious code and triggering code in these ways requires AI models and private keys to control the place and time the malware will execute.

Because AI-driven technology is designed to acquire data and intelligence and adapt accordingly, by utilizing well-constructed AI models, hackers can conceal malicious code for a long time without detection. All the while, AI algorithms are gathering insights that allow the hackers to strike when the application is most vulnerable. 

Also, criminals are increasingly using AI to execute intelligent attacks that self-propagate over a system or network. AI-fueled malware can exploit unmitigated vulnerabilities leading to an increased likelihood of inflicting maximum damage. For example, if an AI-driven attack encounters a patched vulnerability, it will automatically adapt to try either a different kind of attack or to seek different vulnerabilities.

Ongoing Work-from-HomeCUNA Business Continuity Issues

Everything that I am hearing from our credit union customers suggests that working from home will be a long-term and perhaps permanent proposition. Therefore, credit unions must move beyond thinking about working from home, and the resulting security challenges, as a state that will end any time soon.

We must recognize that we cannot control workers’ home networks. We have no idea what IoT devices are connected, what neighbors are in proximity, what guests may be logging onto their networks, and what outdated equipment may be in use.

Training and education are musts, along with establishing work-from-home agreements and procedures. In addition, the utilization of VPNs, multifactor authentication, effective endpoint management, and many other measures are a must. In short, credit union cybersecurity procedures, efforts, and technology will need to adapt quickly to the new environment. 

 

These are daunting times, requiring a great deal of thought and many technological resources. Additionally, the road ahead defending against cybercriminals will only become more complex. If you need help, SilverSky is here for you. Don’t hesitate to reach out to us at 1-800-234-2175 or learn@silversky.com.

 

  1. Cyber-Attacks Up 37% Over Past Month as #COVID19 Bites,” Phil Muncaster, InforSecurity, April 1, 2020

John Devenyns Editor
Senior Sales Engineer , SilverSky
SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.
follow me

Previous

Next

Managed Detection and Response

Comprehensive solutions to detect, prioritize, and address security incidents.

Managed Security Services

24 X 7 X 365 monitoring, management, and system maintenance.

Email Protection Suite

Monitor and manage your email environment with advanced email security and compliance protections.

Cloud Email and Collaboration

Cloud office productivity enhanced with proven security and compliance protection.

How does SilverSky's integrated stack of solutions meet your needs?

Compliance and Risk Services

Assess your program and controls, benchmark and identify areas for improvement. Develop your security roadmap for investment and improvements. Effectively measure ROI and impact on your security posture

Incident Response Readiness

Incident Response Plan Development / Review. Incident Response Readiness Review. Emergency Incident Response.

Discuss your compliance, risk management and incident response readiness needs.

Schedule Free 1-on-1 Consultation

Financial Services

1,500+ small & mid-sized financial institutions rely on SilverSky to meet and exceed FFEIC, GLBA and PCI DSS requirements and overall cybersecurity needs.

Healthcare

Hundreds of small & mid-sized healthcare organizations rely on SilverSky to address HIPAA and other regulatory requirements and serve overall cybersecurity needs.

Retail

Small and mid-sized retail organizations count on SilverSky to maintain PCI DSS requirements, secure customer data and reduce cybersecurity threats.

How Exposed Are You?

Take the test to see how your security program compares with other businesses like yours.

Resources

White papers, guides, tools, on-demand webinars, case studies and more. Explore a range of topics. 

Events & Webinars

Blog

Product Sheets

SilverSky product and services information at your fingertips. Product data sheets, compliance matrixes, & brochures.

How Exposed Are You?

Take the test to see how your security program compares with other businesses like yours.

Become A Partner

Partner with SilverSky to tap into the approaching $300 billion+ cybersecurity market.

Talk to one of our partner managers and consider expanding your cybersecurity offerings.

Schedule Partner Exploration Discussion

Share This