Cyber and data security remain a priority issue for banks. Criminals are constantly searching for creative new ways to obtain money from banks and customers through fraud and cybersecurity vulnerabilities. And as consumers and businesses rely more on electronic devices such as computers, tablets, and smartphones to bank and shop online, vulnerabilities increase. ABA offers resources to help banks prevent, identify, measure and report fraud, and to serve and protect consumers and their financial data.
Security Alert: BASH/Shellshock Remote Code Execution Vulnerability
On September 25, the FS-ISAC issued a statement regarding the newly discovered security vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Known as Bash/Shellshock, this bug may pose a significant threat to systems and network by allowing a remote attacher to execute arbitrary code on an affected system to further compromise the system and any data stored/processed by it, or to cause a loss of service. Read the statement.
To help communicate with staff and customers on this issue, ABA developed a Frequently Asked Questions document available here.
In addition, a member has shared their sample communications developed to educate several stakeholders on this issue; specifically: CEOs; Chief Operating and Chief Risk Officers; employees; and externally hosted vendors.