How to Overcome Credit Union Cybersecurity Challenges

PUBLISHED ON October 14, 2021
LAST UPDATED April 22, 2022

Credit unions have a unique set of cybersecurity challenges stemming from their size, mission, and industry. Due in part to these unique circumstances, we’ve been hearing from and partnering with quite a few credit unions in recent months. We also see a lot of success with these partnerships and thought it would be valuable for other organizations in other industries if we shared our experiences and lessons learned.

Credit unions are an attractive target for attackers

According to the most recent report from the National Credit Union Administration (NCUA) dated March 31st, 2021, 5,068 federally insured credit unions provide financial services to more than 125 million members in the US, with total assets reported at $1.95 trillion.

Given the large member base and the huge dollar value of financial assets managed by credit unions, the NCUA continuously reminds credit unions to protect their systems and critical infrastructure. NCUA Chairman Rodney E. Hood recently noted that “In this day and age, cybersecurity is everyone’s business” and points out that “Even during COVID-19, hackers and thieves do not rest. We expect credit unions to take appropriate measures to protect themselves and their members.”

Learn how SELCO Community Credit Union leverages ThreatX to blocks suspicious activity without affecting legitimate traffic. Read the case study

At ThreatX, we observed millions of direct attacks on credit union web and API applications just in the month of September 2021 alone. For example, one of our new credit union customers was dealing with so much attack traffic that their application servers were overwhelmed. They were experiencing application outages and had observed an increasing number of fraud-related cases. They weren’t sure what they could do to restore and maintain service while also reducing fraudulent activity – the quality of their member experience was taking a big hit.

We’ve observed specific entities, unique attack patterns, and common techniques across our credit union customers – attackers are using the same attacks against different credit unions. 

After connecting with us through a partner, this credit union had ThreatX deployed and blocking millions of attacks in a matter of days. The screenshot below shows just how bad it had gotten and how ThreatX was able to stop the attacks in the cloud before they were able to make it to the application servers.

Credit union 3-day attack metrics
90% of traffic over a 30-day period was identified as malicious traffic requests and blocked.

The image above reveals that, over the past 30 days, there were almost 70 million requests to the credit union web and mobile application servers. Nearly 65 million were identified by ThreatX as malicious and were subsequently blocked.

In short, ThreatX handled massive credential stuffing attacks while also detecting and blocking millions of SQL injects and similar attacks.

Example credit union threat entities
Attack type classifications that ThreatX is protecting credit union customers from.

Blocking cyberattacks without sacrificing credit union member experience

Although credit unions face many of the same cybersecurity issues as other organizations, they often feel them more acutely. As financial institutions, credit unions are a prime target for cyberattackers. However, they are often regional and relatively small compared to larger organizations and may lack the cybersecurity resources found in larger financial institutions.

Malicious bots, exploits, account take-overs, and DDoS attacks are everyday realities for credit union security teams. In addition, customer experience is a priority for credit unions and an expectation for their clients. Members want secure, robust, and reliable access to their banking products and services. It is up to credit union technical teams to ensure those are delivered securely and with an excellent member experience.

ThreatX has proven to be the cost-effective “easy button” for many credit unions by leveraging our unique detection capabilities, cloud-based architecture, and integrated services. With ThreatX, our credit union customers have been able to get up and running in minutes and are soon blocking advanced threats that were getting through their existing defenses. Once up and running, they can track entities targeting credit unions in real-time, even as they rotate their IPs, user agents, and attacking infrastructure.

Then, ThreatX’s behavioral analytics system takes security to an entirely new level, identifying threats based not only on the attack tools and methods but based on behaviors differentiating them from legitimate credit union members and partners. ThreatX can identify and block threats with a high degree of accuracy while permitting legitimate users unfettered access to the systems they need. We’ve seen organizations completely overwhelmed with attack traffic immediately reduce web, API, and bot traffic to near-zero after deploying ThreatX.

Simple security solutions for the unique demands of credit unions

ThreatX brings real-world experience and expertise to bear, allowing these organizations to protect the member’s experience and repel the most advanced threats without burdening the internal security team.

Detecting and blocking bot-based attacks

We’ve observed specific entities, unique attack patterns, and common techniques across our credit union customers – attackers are using the same attacks against different credit unions.

Example credit union attack map
ThreatX’s Threat Map view, showing the origins of the malicious traffic observed.

We often see attackers and bots move from online banking to mobile banking, or vice versa, as they find they are being seen and blocked. In some cases, the attacking entities will move their attacks from one credit union to another.

Attacks are often quickly evolving bot-based credential stuffing and account takeover attempts targeting both traditional web interfaces and mobile app APIs. While these threats often easily fly under the radar of signature-based systems, ThreatX can blend attacker profiling, active interrogation, and other risk-based analysis to block these attacks with extremely low false positives.

Stopping cyberattacks while protecting member experience

Bots and other Layer 7 attacks can easily overwhelm a credit union’s application resources, which can ultimately cause delays or prevent access for valid end users. With ThreatX, credit unions can stop these Layer 7 attacks before they reach the credit union servers, ensuring that members retain fast, reliable access. And by transparently detecting and blocking bots, organizations can avoid introducing user friction due to CAPTCHAs and other end-user challenges.

Protecting all apps and APIs in minutes

ThreatX’s API and cloud-native architecture allow credit unions to add protection for all their apps and APIs in minutes instead of days or weeks usually required of appliance or agent-based solutions. Additionally, credit unions can get immediate benefits from pre-configured policies and threat detections by leveraging industry-specific expertise.

Managed security services that take the load off internal teams

ThreatX complements its technology with access to our 24×7 SOC and application security experts. This ensures that organizations proactively adapt to new incidents, threats, and techniques without burdening internal staff.

We’d love to share more about how we protect credit unions from all variety of threats while ensuring your members experience is unaffected. Please contact us for more details, or request a demo.


About the Author

Anthony Velte

Anthony T. Velte, CISSP, CISA, is a ThreatX Security Sales Engineer with over twenty years of experience in Information Systems Security, Architecture, and Engineering. He has written more than a dozen technology books including McGraw-Hill Education’s Cloud Computing: A Practical Approach and Cisco: A Beginner's Guide 1st-5th editions.