New Regulatory Expectations to Address Cybersecurity Threats

Financial Institutions

July 01, 2014
by Mark Scholl

Bookmark and Share
Mark Scholl Mark Scholl
Illinois Market Leader

View Profile
 On April 2, 2014, the Federal Financial Institutions Examination Council (FFIEC) issued notices warning financial institutions about the increase of attacks as a result of ATM cash-out fraud and distributed denial of service (DDoS) threats. Soon after on May 7, 2014, the FFIEC and the Cybersecurity and Critical Infrastructure Working Group held a webinar for CEOs and senior managers of community financial institutions to help raise awareness about the pervasiveness of cyber threats, as well as to discuss the role executive leadership should play in managing those risks.
ATM cash-out fraud, dubbed “unlimited operations” by the U.S. Secret Service, involves thieves using malware to gain Web-based access to ATM control panels to increase withdrawal and geographic limits. The malware is put in place by tricking employees using social engineering techniques. Then, fast and costly withdrawals are performed using fraudulent ATM, debit, and prepaid cards obtained through other attacks, usually during holidays and weekends when monitoring is limited.

Average Rating:

Length: 2 pages (PDF 90 kB)

Rate this Article
*  =  required fields
Your Rating*
E-mail Address*