Pub. 2 2013 Issue 5

l e a d i n g a d v o c a t e f o r t h e b a n k i n g i n d u s t r y i n k a n s a s 18 A s banking becomes an increasingly mobile and electronic-based activity for your cus- tomers, the possibility of cybersecurity threats from criminals and “hacktivists” continues to grow. This means we each have to be vigilant – ready to respond to protect our bank and our customers. We know that no bank is immune from experiencing something like a distributed denial of service attack. Banks are increasingly the target of such attacks, which seek to disrupt a bank’s processes by overwhelming computer and/or telecommunications networks with massive amounts of server and data requests. And sometimes these attacks can mask an attempted compromise of a bank’s systems. These attacks can interfere with customers’ ability to access their online banking accounts, and they can also morph into data loss or destruction. While the latter instances are rare, we must be mindful that they can occur. ABA is actively engaged in industry-led responses to these threats, working with government and law enforcement officials to provide you the resources necessary to address these threats. Our cybersecurity webpage on aba.com – aba.com/cybersecurity – is continually updated with information on the latest threats and resources to minimize their impact. Through our Corporation for American Banking, we are evaluating our cybersecurity endorsements to ensure we are offering the appropri- ate suite of products and services. And we continue to work with the administration and Congress to improve our nation’s overall cyberse- curity and enhance our capacity to share vital threat information. These are defensive actions, but we also are on offense, working to shut down cybersecurity threats. On June 5, with the assistance of the ABA, two other industry trade groups and the Federal Bureau of Investigation, Microsoft’s Digital Crimes Unit received court approval to take down a major network of infected computers, or “botnets,” known as Citadel. Botnets, which are controlled by hacker-operated servers, are used to commit financial crimes and cyberattacks, and can remain active for years if not intercepted. The Citadel botnets had infected as many as 5 million computers and had been used to compromise additional com- puters of financial institutions’ customers worldwide. The operation’s success will reduce future losses incurred by banks and their custom- ers. As these computers move off the botnet grid, they will be cleansed of malicious software, a process that is already under way. “Creating successful public-private relationships – in which tools, knowledge, and intelligence are shared – is the ultimate key to success in addressing cyber threats and is among the highest priorities of the FBI,” FBI Executive Assistant Director Richard McFeely said of the botnets takedown. Our perspective is similar. We can only effectively secure our cyber environment when banks and our partners in other industries, such as telecommunications and energy, work collaboratively with each other and government to share threat information. And we can only be effec- tive if each and every one of us takes this threat seriously. At ABA I can assure you that we take cybersecurity seriously and I hope you do, too. As with other issues crucial to our industry and our nation, bank CEOs and senior executives need to set the tone from the top on cybersecurity so everyone understands the need to remain vigilant. E-mail Frank Keating at keating@aba.com © 2013 American Bankers Association. All rights reserved. Reprinted with permission. Cybersecurity Vigilance By Frank Keating, President and CEO American Bankers Association