In a cybersecurity alert issued Friday amid “current geopolitical events,” the NCUA reminded credit union leadership to be aware of current “critical cyber risks.” Credit unions should take urgent steps to reduce the likelihood and impact of a potentially damaging compromise, due to financial institutions being included in potential targets to U.S. critical infrastructure, the alert stated.
The NCUA notice follows two new alerts from the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, CISA, addressing risks from Russian state-sponsored cyber threats and highlighting recent malicious cyber incidents suffered by public and private entities in Ukraine.
The NCUA, along with CISA, the FBI, and the National Security Agency, are encouraging credit unions and their cybersecurity teams to adopt a heightened state of awareness and to conduct proactive threat hunting, the agency’s alert stated. In addition, COVID-related supply chain disruptions may require management to re-evaluate previously held assumptions for business continuity and disaster recovery plans.
Further, the agency highly encourages credit union leadership to review the two CISA alerts and act on the applicable recommendations. “It is crucial that your organization does its part to improve its resilience, reducing the risk of compromise or severe business degradation,” the NCUA alert stated.
Resources: The NCUA recently created the Automated Cybersecurity Evaluation Toolbox for federally insured credit unions to evaluate their cybersecurity posture. For more information, visit the NCUA’s cybersecurity resources website.