FDIC Header Test

Federal Deposit
Insurance Corporation

Each depositor insured to at least $250,000 per insured bank

Directors' Resource Center
Technical Assistance Video Program

Cyber Challenge: A Community Bank Cyber Exercise

The FDIC created Cyber Challenge: A Community Bank Cyber Exercise to encourage community financial institutions to discuss operational risk issues and the potential impact of information technology disruptions on common banking functions.


Introduction

Link to YouTube Video

Purpose, Background, and Ground Rules


Vignette 1 - Item Processing Failure
A new item processing service provider cannot process the volume of transactions generated by the bank.

Approximate run time: 03:46

Link to YouTube Video

Challenge Materials - PDF


Vignette 2 - Customer Account Takeover
Unauthorized withdrawals from a corporate customer’s account.

Approximate run time: 02:44

Link to YouTube Video

Challenge Materials - PDF


Vignette 3 - Bank Internal Error/Phishing & Malware Problem
Phishing email is opened by a bank employee, and the bank’s network is infected with malware.

Approximate run time: 01:36

Link to YouTube Video

Challenge Materials - PDF


Vignette 4 - Technology Service Provider Problem
Problems occur after the financial institution’s service provider performed an update.

Approximate run time: 02:27

Link to YouTube Video

Challenge Materials - PDF


Vignette 5 - Ransomware

A cyber-attack has taken place. Word processing files are being held for ransom.

Link to YouTube Video

Challenge Materials - PDF


Vignette 6 - ATM Malware

An ATM virus reveals difficiencies in a bank's sevice provider contract.

Link to YouTube Video

Challenge Materials - PDF


Vignette 7 - DDoS as a Smokescreen

While the IT manager investigates a possible DDoS attack, a second attack exfiltrates data from the institution.

Link to YouTube Video

Challenge Materials - PDF