GLENDALE, Calif. Clearpath FCU here is working to re-create its website after a Distributed Denial of Service (DDoS) attack took it down.
The attack is not part of the much-rumored wave of interruptions that is threatened to take place today. “It happened about two weeks ago,” Clearpath FCU’s Executive Vice President and Chief Financial Officer, John Lee, told Credit Union Journal. “We were surprised because we are not a big financial institution by any means.”
With more than 11,000 members and four branches, the $78-million Clearpath FCU is not alone. Patelco Credit Union and University (of Texas) Federal Credit Union also are recent victims of DDoS attacks. While no credit union or member data was compromised, the Clearpath FCU website was shut down once the hosting company realized an attack had occurred. Until the host contacted the credit union, Lee was unaware of the attack. He learned the attackers, yet to be identified, were using Clearpath’s URL to attack other websites.
A temporary website, which reads “website under construction,” is providing links to various member services. These include online banking and bill pay, loan applications, and an ATM and shared branch locator. After clicking through, members are directed to a secured log-in page.
Lee said he does not know yet why his credit union was attacked, but it has discovered what made it vulnerable. “We had not upgraded the encryption software to the latest version. Updating will not prevent all attacks but it certainly will limit the ability to get attacked.”
Meanwhile, today is the day many CUs will be paying particular attention to online security. More than a dozen of the nation’s biggest credit unions are listed on a group of 159 institutions targeted for DDoS attacks, which the hacktivists are calling OpUSA. The credit unions, which include Navy FCU, Pentagon FCU, BECU, The Golden 1 CU, Suncoast Schools FCU, American Airlines FCU, Alliant CU, America First CU, Security Service FCU, and San Diego County CU, among others, all were contacted last week by NCUA to help them prepare for the threatened cyber attacks.
CO-OP Financial Services is offering a white paper on how credit unions can fight back against DDoS attacks. Titled, “A Risk-Based Approach to DDoS Protection for Credit Unions and Credit Union Service Organizations, it can be found at
