Patelco has confirmed that on Feb. 25 the large Northern California credit union was down for “around two hours” in a Distributed Denial of Service (DDoS) attack which overwhelms a web host with data, effectively knocking it out of commission.
Speaking in an informal interview at a CUNA GAC event on Tuesday, Ken Burns, CEO of the $3.8 billion Pleasanton, Calif., corroborated the two-hour outage.
Burns indicated that the upside is that, in January, in a first attack, the credit union was down for over five hours so the responses it implemented at that point had benefits.
But Burns also indicated he expected better and would be reviewing next steps with his internal IT staff and a third-party DDoS mitigation contractor Patelco has retained. He declined to name the contractor.
Last week NCUA issued its first DDoS “risk alert,” advising credit unions on must do’s in regard to this disruptive attack format.
The current Patelco attack appeared to be the work of the same highly skilled group that perpetrated the first, the so-called al-Qassam Cyber Fighters.