With the recent Russian invasion of Ukraine, it’s important to talk about what’s going on the cyberspace. Cyber Warfare isn’t a shadowy possibility anymore; it’s real and has been used to take down banks and government institutions in Ukraine.
And the threat is real here at home, too, with the possibility of attacks potentially being targeted at the financial system in the USA. We’d expect larger institutions and core providers to be targeted before smaller, local institutions like credit unions, but diligence is still our best defense.
Most experts think that if we see attacks, they will be in the form of DDOS (distributed denial-of-service) attacks. A DDOS attack is a malicious attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic, which shuts it down or renders it inoperable.
Time is absolutely of the essence when detecting a cyber-attack; the faster you detect it, the quicker you can remediate it! If you experience any of the examples below, report it to your IT team right away!
- Unknown Email Senders: Use extreme caution before clicking links in any email. You can detect nefarious links by hovering over an email link with your mouse. Also, never open attachments in an email from an unknown sender or that you aren’t expecting.
- Unusual Password Activity (on work and personal accounts!): If you get an email that your password has changed or that you can’t log in to any account that you KNOW the password for, that might be a sign of trouble. Report it and change your password often! And I know this is hard…but try and use different passwords for all your accounts.
- Where are these pop-ups are coming from?: First and foremost, don’t click on a web pop-up from a work computer. You may see pop-up ads that are safe to explore on your personal device, but use caution and look for products and businesses that you’re familiar with or can find online with a quick search. And if you’re suddenly getting a bunch of pop-ups somewhere other than a browser window, report it to IT right away!
- A Slow(er than usual) Network: Sure, we’re not always as patient as we could be, but if your network seems significantly slower than usual, report that too. It might be a sign of activity that should not be there and could be bad guys digging around on the network looking for information or trying to shut you down.
- Out-of-Date Software: If you have the power (and permission) to update the software on your device, do it as soon as possible when the program prompts you. (Note: not when you get a sketchy phone call where they claim to be Microsoft and want your credit card number so they can update it for you…)If only your IT team can make updates and you get a warning on your workstation, report it!
With so many kinds of Cyber Warfare, and new variations every day, it would be impossible to warn your team about every possible threat. So, let’s sum it up with the best advice we have:
Think before you click!
About the Author: Rich Szabo isn’t just the VP of IT, he’s our O.G. IT safety and security expert. With more than 30 years of experience inside and outside of the financial industry, cutting-edge IT hardware, software, and best practices are always on his radar.