FFIEC joint statements on cyber-attacks

The FDIC has issued two Financial Institution Letters to distribute joint statements by the members of the FFIEC relating to the risks of cyber-attacks.

• FIL-10-2014 includes an FFIEC statement describing risks related to recent cyber-attacks on ATMs and card authorization systems that have resulted in large dollar frauds, often called Unlimited Operations.
• FIL-11-2014 transmits a statement notifying institutions of the risks associated with the continued distributed denial of service (DDoS) attacks on public-facing Web sites and the steps institutions are expected to take to address the risks posed by such attacks.