Geopolitical Events Increase the Likelihood of Imminent Cyberattacks on Financial Institutions

Financial institutions, large and small, included in potential targets to U.S. critical infrastructure

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has recently issued two alerts addressing risks from Russian State-Sponsored cyber threats and highlighted recent malicious cyber incidents suffered by public and private entities in Ukraine.

Given current geopolitical events, the NCUA, along with CISA, the Federal Bureau of Investigation, and the National Security Agency encourages credit unions of all sizes to adopt a heightened state of awareness and their cybersecurity teams to conduct proactive threat hunting. In addition, COVID-related supply chain disruptions may require management to reevaluate previously held assumptions for business continuity and disaster recovery plans.

Credit union leadership should be aware of critical cyber risks and take urgent steps to reduce the likelihood and impact of a possible damaging compromise. All credit unions, regardless of size, are potentially vulnerable to cyberattacks.

We highly encourage you to review the two CISA issuances and act on the applicable recommendations. Your organization must do its part to improve its resilience, reducing the risk of compromise or severe business degradation.

The NCUA recently created the Automated Cybersecurity Evaluation Toolbox (ACET) for federally insured credit unions to evaluate their cybersecurity posture. For more information, please visit ncua.gov.