X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.

<p>Tom Ha sees the challenges grow daily. “Staying up to date on firewalls and anti-virus software is critical to a good operation,” says the information systems manager at AmeriChoice FCU, a $70 million, 11,000-member organization in Mechanicsburg, Pa. “Money in accounts is really just another form of data, the real, physical money is stored in vaults and off-site, et cetera. But our data is of utmost concern and we do our best to keep it safe,” he says. That includes defending against such things as the so-called Goner worm, the most recent headline-grabbing system snarler. Ha says it showed up at AmeriChoice (www.americhoice.org) the day it was first internationally reported, but that he had already been warned by his anti-virus provider and was protected. “It can be hard, but the same technology that they are using to spread these worms and such is also being put into play much more quickly now to defend against them,” says Ha, who receives alerts through his PC, PDA and cell phone. Indeed. Just keeping up is daunting and a full-time job. “As of today, there are 57 security updates from Microsoft out for this year,” Rick Woehler of PM Systems (www.pmsyscorp.com and www.cudefense.com), a South Carolina-based provider of security services to more than 300 credit unions, said in mid-December. Of course, as the biggest target, Microsoft-powered servers are a favorite for hackers surfing Internet addresses and breaking into systems, and Woehler can demonstrate just how easy it is, quickly demonstrating a series of steps that gain entry to an unprotected host system of what apparently is a small Internet services provider on the West Coast. It can also be that easy for destructive viruses and worms (the latter being particularly insidious because they propagate themselves) to enter and do their damage. Woehler says he wishes he could alert every system he receives an alert from but has to spend all his time protecting his paying customers. “PM Systems receives around 500 NIMDA (a pernicious cyber-worm) attempts per day against our 1,000-plus IP addresses. One of our monitored security customers gets around 900 per month from the BellSouth network,” he says. And credit unions that think they’re immune are kidding themselves, says Rick Fleming, vice president of security operations at Digital Defense (www.digitaldefense.net), a Texas-based provider of security services to hundreds of credit unions across the country. He sees problems occurring daily because of sloppy internal IS techniques, including not keeping up with necessary patches. However, Fleming says, “the leading cause of this is an `it can’t happen to me because I’m too small attitude.’ ” “ I can’t tell you how many times over the past few years I’ve heard CEO’s and board members of credit unions tell me that they didn’t think their credit union was vulnerable to attack because they are too small an organization or just don’t have a large Internet presence,” he says. “My reply to them is that those ever-annoying telemarketers can find their home numbers, even if they are unlisted, by simply dialing every number. The same is true with hackers and script kiddies. “Script kiddies are inexperienced hacker wannabes who don’t really understand what they are doing, but simply download scripts and tools from the Internet and run them. “Many times a system is compromised simply because its number, literally speaking, was up. It wasn’t a targeted attack against the organization because it was a financial organization, but simply a target of opportunity because its servers were scanned and found to be vulnerable,” Fleming says.</p>

Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.

Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Critical CUTimes.com information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including Law.com and GlobeSt.com.

Already have an account?

Credit Union Times

Join Credit Union Times

Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!

  • Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
  • Exclusive discounts on ALM and Credit Union Times events.
  • Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.

Already have an account? Sign In Now
Join Credit Union Times

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.