In the wake of a series of troublesome Distributed Denial of Service (DDoS) attacks targeting U.S. financial institutions, the Department of Homeland Security is seeking to improve the coordination of cybersecurity efforts with private industry to protect the nation's critical infrastructure, including vital networks in the financial sector.
Of particular concern is the potential for cybersecurity related events to negatively impact an already struggling economy. "America’s cybersecurity is inextricably linked to our nation’s economic vitality – IT systems are interdependent, interconnected and critical to our daily lives – from communication, travel, and powering our homes, to running our economy, and obtaining government services," writes DHS Deputy Secretary Jane Holl Lute.
Lute met with representatives of the financial industry earlier this week at the NASDAQ MarketExchange to discuss strategies for improving the public-private partnership efforts in addressing cybersecurity concerns.
American banks have been on high alert following several weeks of DDoS attacks by hacktivists which have resulted in intermittent website downtime in a campaign that some security experts suspect may be part of a diversionary tactic for a spear-fishing campaign targeting financial account access credentials.
The speculation is tied to an alert issued last month warning of a coordinated operation by cybercriminal syndicates engaged in fraudulent wire transfers, though authorities have yet to confirm there is a connection.
"Private industry owns and operates the vast majority of the Nation’s critical infrastructure and cyber networks. Therefore, protecting critical infrastructure and cyberspace – including the systems and networks that support the financial services industries – requires a full range of partners," Lute said.
An Islamic extremest group called Izz ad-Din al-Qassam Cyber Fighters have claimed responsibility for attacks against Wells Fargo, US Bank, PNC, Bank of America, JPMorgan Chase, Suntrust, Regions, and at least two targeting Capital One, the second of which occurring Tuesday of this week.
The attacks have thus far only resulted in minor inconveniences for the banks and their clients, but the threat of prolonged attacks could have an impact on customer confidence and ultimately the financial well being of the targeted institutions.
"For business owners, protecting cyberspace is part of their bottom line. Cyber crime can mean financial loss for businesses both large and small. To address emerging cyber threats, we must acknowledge our shared responsibility... We all have a role to play in preventing cyber crime and protecting cyberspace as businesses and consumers alike," Lute continued.
October is National Cyber Security Awareness Month, and DHS is encouraging organizations to take this opportunity to improve security awareness for both employees and consumers with the following recommendations:
- Host a Stop.Think.Connect. cybersecurity awareness event at your facility to engage your community in promoting awareness about the dangers Americans face online.
- Establish security practices and policies to protect the sensitive information of your organization and its employees, patrons, and stakeholders.
- Educate employees to the Internet security guidelines and procedures.
- Download and distribute cybersecurity materials in your workplace.
- Use and regularly update antivirus and antispyware software on all computers.
- Secure Internet connections by using such technologies as firewalls and encrypting information.
- Require employees to use strong passwords and regularly change them
"Throughout this awareness initiative and beyond, businesses can take concrete steps to improve online safety," Lute said.