Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)
 

Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation)

on

  • 429 views

Online schemes designed to steal member identities continue to grow at an alarming rate in both volume and level of sophistication. In this 2011 NAFCU Annual Conference session a seasoned security ...

Online schemes designed to steal member identities continue to grow at an alarming rate in both volume and level of sophistication. In this 2011 NAFCU Annual Conference session a seasoned security professional discusses a comprehensive approach to combating phishing, malware, and other identity theft schemes. Understand real-world trends and how standard processes, consumer education, and the vigilant monitoring of the Internet, including the “hidden” Internet, can ensure long-term member confidence in online commerce.

Presented by James Brooks, Director, Product Management, Cyveillance

More info at http://www.nafcu.org/cyveillance

Statistics

Views

Total Views
429
Slideshare-icon Views on SlideShare
429
Embed Views
0

Actions

Likes
0
Downloads
4
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation) Credit Unions in the Crosshairs of the Latest Online Threats (Credit Union Conference Presentation) Presentation Transcript

    • Credit Unions in the Crosshairs of the Latest Threats Presented by James Brooks Cyveillance National Association of Federal Credit Unions l www.nafcu.org
    • AgendaOverviewLatest threats explainedExisting defensesBest practices National Association of Federal Credit Unions l www.nafcu.org
    • • Latest threats are very advanced• Attack target selection will follow the pattern of “traditional” phishing• Credit unions need to act now National Association of Federal Credit Unions l www.nafcu.org
    • New Threats• Social media has become a mainstream attack vector for fraudsters• Both credit unions and members have cause for concern National Association of Federal Credit Unions l www.nafcu.org
    • New Threats• Fraud schemes targeting smart phones on the rise• Lack of security for ever- growing amount of new mobile applications create a new set or problems for companies National Association of Federal Credit Unions l www.nafcu.org
    • Advanced Persistent Threats• Purpose-built for network infiltration and corporate espionage• Smaller, targeted attacks much harder to detect• Direct financial losses are much more significant than past smaller scams National Association of Federal Credit Unions l www.nafcu.org
    • New Breed of Malware • Stealthy • Scalable • EffectiveNational Association of Federal Credit Unions l www.nafcu.org
    • Targeted Attacks This variant of Phishing targets individual users, but for company specific information such as a network login, or financial information. This example shows how an executive’s name (e.g. our CEO, easily garnered from our Web site) reinforces the seeming legitimacy of this classic “social engineering” attack.National Association of Federal Credit Unions l www.nafcu.org
    • Aurora• Targeted over 30 companies• Criminals sought highly sensitive technical information National Association of Federal Credit Unions l www.nafcu.org
    • Carbon Credits• Targeted organizations in Europe, Japan, & New Zealand• Stole over 4 million dollars in credits National Association of Federal Credit Unions l www.nafcu.org
    • Is My CU Vulnerable?• 57 of 530 employees targeted clicked on malicious link – over 10%!!!• Only a “few megabytes” of data were stolen before the lab discovered the breach National Association of Federal Credit Unions l www.nafcu.org
    • Existing Defenses Ineffective• Not designed to detect targeted attacks• No security system can make up for human error• Most anti-virus applications takes days or weeks to catch up to the latest threats National Association of Federal Credit Unions l www.nafcu.org
    • AV PerformanceAnti-Virus Vendor Test Results 2H 2010 Source: Cyveillance National Association of Federal Credit Unions l www.nafcu.org
    • AV Lag Time StudyAnti-Virus Vendor Test Results Over Thirty Day Period Source: Cyveillance National Association of Federal Credit Unions l www.nafcu.org
    • Best Practices• Social Media Policy• Proactive registration on top social media sites• Monitoring of Web and social media environment for potential threats National Association of Federal Credit Unions l www.nafcu.org
    • Best Practices• Ongoing employee training• Staying abreast of latest threats and protection technologies National Association of Federal Credit Unions l www.nafcu.org
    • Questions?Contact info: James Brooks Director, Product Management jbrooks@cyveillance.com (703) 351-2405 National Association of Federal Credit Unions l www.nafcu.org