As the government shutdown continues, a large percentage of people who work on national cybersecurity remain furloughed. This includes many Department of Homeland Security and National Institute of Standards and Technology resources that would normally be watching the bad guys. This gap in defensive monitoring is practically an invitation for cyber attackers to ramp up their efforts. Many of these efforts will come in the traditional form of phishing, or fake communications designed to trick a user.
For example, after natural disasters or during times of great need, attackers are especially opportunistic, sending out phishing emails for spoofed or fabricated charities and stealing the money donated to the “cause.” Similarly, as credit unions have stepped up to address the need to help furloughed workers with member-friendly loans, this becomes a prime area where attackers can take advantage. Spoofing a credit union email, asking a member to log into a fake website or call a fake phone number, would be a simple and effective attack.
Attackers may also target a credit union directly by impersonating members and taking advantage of the credit union’s generosity by opening accounts or applying for a loan under the guise of furlough assistance. Identity theft continues to be a major issue and attackers will utilize any method necessary to achieve their goals.
continue reading »