We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

U.S. Banking Regulator Directs Banks to Bolster Cybersecurity Efforts in Wake of Recent Denial of Service Attacks

Harriet Pearson

Harriet Pearson,

Washington, D.C.

21 December 2012
The Office of the Comptroller of the Currency (OCC) issued an alert today warning banks of a recent spate of distributed denial of service (DDoS) attacks directed at several U.S. banks, and reiterating its expectation that banks have risk management programs in place to identity and mitigate the "new and evolving threats" to online customer accounts.  The alert – which is directed at the CEOs of all national banks and their technology service providers, among others – states that DDoS attacks are often deployed to divert bank resources while other cyberattacks are launched to fraudulently obtain funds from customer accounts and steal proprietary information.
U.S. Banking Regulator Directs Banks to Bolster Cybersecurity Efforts in Wake of Recent Denial of Service Attacks

The alert directs banks to “have a heightened sense of awareness” and to “employ appropriate resources to identify and mitigate” the risk posed by DDoS attacks, including by having appropriate personnel and external partners involved in incident response and by conducting due diligence reviews of third-party service providers (e.g., Internet service providers).  Additionally, the alert calls on banks to share information with other banks, third-party service providers, and the government, and to be prepared to communicate with their customers in a “timely and accurate” manner in the event of an attack.  The alert also states that the OCC expects banks to report DDoS attacks to law enforcement authorities and their supervisory office and to file a Suspicious Activity Report if the attack affects either critical information – such as customer account information – or critical systems.

Harriet Pearson

Harriet Pearson,

Washington, D.C.

Cybersecurity in the Health Sector

The health sector is under siege with cybersecurity threats. Some of the largest announced cyber attacks in U.S. history have targeted organizations in the health industry. Regulators have...

02 May 2016
Loading data