Security Success Story

Alma Brown* loves her job as a Member Services Representative at Midwest Credit Union, where she has worked for the past nine years. In addition to keeping members happy, Alma is a conscientious credit union citizen. She chairs the Volunteer Committee and organizes an annual holiday food and toy drive. She takes member security seriously, participates in quarterly cyber security training, and mentors junior colleagues to follow best practices. Alma was surprised and embarrassed to learn that she inadvertently sparked Midwest Credit Union’s first ever cyber incident.

“I was horrified!” Alma admits. “My co-workers make fun of me for being such a rule follower and I didn’t realize that I had clicked on the wrong thing.”

Last Fall, Alma was multitasking, participating in a Zoom call with reps from another branch and simultaneously cleaning up email. She opened an email seemingly from her CFO and clicked on an embedded link that launched a strange webpage. “I was moving quickly and didn’t think anything of it,” Alma says. “I thought that maybe the email wasn’t actually for me and just moved on to the next thing.”

Unfortunately, the erroneous link was a phishing email that had eluded the credit union’s industry-leading spam protection. Alma’s click created a connection with an external server managed by a cyber terrorist, who then installed remote control software and gained access to Alma’s workstation.

“This can happen to anyone,” says Kevin Wilson, Chief Information Security Officer (CISO) at Dynamic Edge and vCISO for Midwest Credit Union. “We’re multitasking all the time and we’re simply moving too fast. The bad guys know this and exploit it.”

While Alma’s simple mistake might have led to an organization-wide disaster, Dynamic Edge’s Managed Detection and Response (MDR) protection saved the day. MDR is a security application that uses advanced machine learning and AI algorithms to analyze network traffic and identify potential threats in real-time. It enables Dynamic Edge to respond to security incidents quickly and minimize the opportunity for threats to spread across devices.

According to the 2021 Verizon Data Breach Investigations Report, 61% of data breaches involve small businesses, and many of these attacks go undetected for weeks or even months. Cyber terrorists use this time to move laterally within a network – meaning quietly taking control of one machine after another – in order steal sensitive data or encrypt files for a ransom request. Most small businesses simply can’t afford the required real-time protection. However, by partnering with Dynamic Edge on a complete security strategy, Midwest Credit Union could take advantage.

When Alma clicked on the risky link and initiated communication with the external server, MDR alerted the Dynamic Edge Help Desk and created an Emergency ticket. Dynamic Edge quickly identified the compromised machine, disconnected it from the network, and scanned the machine for unauthorized software. Fearing that the attack may have moved laterally, the Help Desk also initiated scans across all Midwest Credit Union machines to search for unauthorized software.

The Help Desk simultaneously contacted the credit union’s CIO and initiated their Incident Response Plan, a process created in collaboration with Kevin Wilson and complimented in their most recent NCUA audit. The plan details who is responsible for which tasks when a cyber incident occurs. It also complies with federal regulations and the credit union’s cyber insurance policy.

Fortunately, network scans did not identify any additional unauthorized downloads. The Help Desk scrubbed Alma’s machine and got her back to work.

“As always with security, you have to protect with layers,” explains Kevin Wilson. “As the nature of threats evolve, so must the layers and how they interact with each other.  MDR is a powerful tool that generates peace of mind for credit unions and the teams that protect them.”

Alma feels the greatest peace of all. “I just can’t imagine how awful I would have felt if a mistake I made led to member data being stolen or held for ransom. It’s crazy. I’m so grateful that our credit union invested in the protection we need to keep our members safe.”

*Names changed to protect privacy.