Read more at the Washington CU Daily

The National Credit Union Administration and federal cybersecurity officials are urging credit unions to “adopt a heightened state of awareness” of possible cyber threats posed by Russia following its invasion of Ukraine.

NCUA officials said, in a statement, “Given current geopolitical events, the NCUA, along with CISA, the Federal Bureau of Investigation, and the National Security Agency encourage credit unions of all sizes and their cybersecurity teams nationwide to adopt a heightened state of awareness and to conduct proactive threat hunting.”

The statement continues, “Credit union leadership should be aware of critical cyber risks and take urgent steps to reduce the likelihood and impact of a potentially damaging compromise. All credit unions, regardless of their size, are potentially vulnerable to cyberattacks.”

The Department of Homeland Security recently issued two alerts addressing risks from Russian state-sponsored cyber threats and highlighting recent cyber incidents suffered by private and public entities in Ukraine.

The NCUA recently created the Automated Cybersecurity Evaluation Toolbox for federally insured credit unions to evaluate their cybersecurity posture.

The Homeland Security Department’s Cybersecurity and Infrastructure Security Agency has warned that Russian “state-sponsored advanced persistent threat (APT) actors have used common but effective tactics—including spearphishing, brute force, and exploiting known vulnerabilities against accounts and networks with weak security—to gain initial access to target networks.”

Federal officials also warned that public and private entities in Ukraine have suffered a series of malicious cyber incidents, including the defacement of websites and private sector reports of destructive malware.

NCUA officials said that cyberattacks and cybersecurity vulnerabilities pose significant risks to the financial system. Because of those risks, the agency has made cybersecurity one of the NCUA’s top supervisory priorities.