Alliant Credit Union of Chicago, IL is the sixth largest U.S. credit union based on asset size and serves more than 280,000 members. As a member-owned financial cooperative, Alliant provides remote, electronic-based financial services to persons who work at qualifying global organizations across many different industries and those who live in a qualifying Chicagoland community. Members can and do live anywhere across the U.S. and abroad, so Alliant makes it possible for them to bank anywhere, anytime with online banking services, an ATM network and other services delivered electronically.
“The majority of our member transactions take place through remote electronic channels, including online banking and a mobile banking application,” Bill Podborny, Chief Security Officer says.
“With around 50,000 member logins per day, the availability and uptime of these channels is critical to delivering our services globally. We needed assurance that we could recover from a distributed denial of service (DDoS) attack quickly and with minimal downtime. Most of all, we wanted to give our members the confidence that we were protecting the availability of their assets with us.”
Podborny evaluated several DDoS mitigation services providers, including Alliant’s upstream Internet service provider, against some tough requirements, including a defined set of service level agreements and most of all the assurance of fast DDoS mitigation.
“Because of our nationally-distributed IT infrastructure, we wanted a DDoS mitigation service provider who could offer both proxy and routed services,” Podborny says. “It was also important to have a provider with deep experience in DDoS who could quickly adjust on-the-fly to mitigate new types of attacks instead of relying only on a canned mitigation platform. We weren’t willing to handle the challenge of dealing with changing attack signatures in-house, and we didn’t have the specific 24/7 staff to monitor for DDoS. But Prolexic had everything we were looking for.”
Prolexic also met Alliant’s requirement to successfully mitigate multiple attacks at the same time. Podborny was also convinced by Prolexic’s industry reputation as the leader in DDoS protection. “Some of our peers in the credit union industry are using Prolexic and they spoke highly of the company, so that gave us some confidence, too,” he says. “Leveraging partnerships with other credit unions and sharing information on DDoS preparedness are two things you can do and it only costs you a little time.”
Alliant took a phased approach to implementing Prolexic’s services. Prolexic first deployed its mitigation service so that Alliant would be protected during the implementation of Prolexic Routed. After implementation, Alliant and Prolexic worked together to test the system and prepare a DDoS mitigation run book that would become part of Alliant’s incident response plan.
Alliant’s run book contains the step- by-step roles and responsibilities of every department in the firm, not just IT, in case of a DDoS attack. Alliant’s run book also contains a list of Internet-dependent applications, such as cloud services for the firm’s different business areas, and how to respond if a DDoS attack takes place. “With the Prolexic solution we were able to get DDoS protection in place in a matter of hours and bridge the gap until we could make some configuration changes for Prolexic Routed,” Podborny says. “Although we were not under DDoS attack, we tested the running of our web presence through Prolexic and we noticed no disruption in services as we cut over to Prolexic and back. Latency and site performance remained very good.”
Alliant also deployed Prolexic’s monitoring services to evaluate some of its Netflow traffic. “This is another way we are being proactive,” Podborny says. “That data can be useful to Prolexic as an early warning as it monitors for attacks. We don’t have to be under a full-scale attack before anything is noticed.” Podborny also cautions other credit unions to be aware that DDoS can be used as a distraction by an attacker to cover other fraudulent activities. “If you are under DDoS attack, keep your guard up for other anomalies at the same time,” Podborny says.
“The attack could be a ruse to distract your focus from other key processes, such as fraudulent transactions, or outright destruction of data.”
Alliant Credit Union selected Prolexic Routed as its frontline defense against distributed denial of service attacks. Alliant’s proactive measures against DDoS are right in line with the preparation strategies recommended by the National Credit Union Administration (NCUA) in a special alert.
Podborny knows that the threat of DDoS always looms over the financial industry. That’s why Alliant made modifications to its existing incident response plan as a result of the DDoS mitigation run book the company developed with Prolexic. In the end, Alliant’s proactive approach to DDoS protection is all about putting their members first and protecting the availability and integrity of its assets.
“Any credit union or financial institution that relies heavily on the electronic channel to deliver services should have some kind of DDoS protection in place and incorporate it into their incident response plan,” Podborny says. “Also, keep in mind that one size doesn’t fit all when it comes to DDoS mitigation service providers. At Alliant we wanted the brains behind DDoS mitigation and that’s what Prolexic gives us.”