Some of the recent DDoS attacks have targeted banks and financial institutions in an effort to cover up attempted security breaches and fraudulent transactions. The Department of Justice, the FBI, and the Copyright Office have all experienced service disruptions from denial of service attacks in the past, a sign that distributed denial of service attacks are a serious problem.
Financial institutions and government agencies are keeping a close eye on the development of recent DDoS attacks. Cyber criminals and “hacktivists” are increasing the strength of attacks and using them as distractions to further other crimes, like consumer fraud and fraudulent ACH transactions. Earlier this week, the Office of the Comptroller of the Currency (OCC) issued a warning to banks and financial institutions to be on alert for upcoming attacks. There has been a lot of coverage in the news lately regarding Izz ad-Din al-Qassam Cyber Fighters, who have claimed responsibility for the recent attacks on JPMorgan Chase Bank, Bank of America, and US Bancorp, among others.
Banks are not the only businesses targeted by denial of service attacks – nearly every industry or niche has been targeted at one point. Particularly vulnerable sites include government and political websites, large retailers, online gaming sites, and high-profile websites. The list doesn’t stop there. Many websites are attacked for no apparent reason, often simply for disruption or unwarranted retaliation. Some webmasters have even suspected that competitors use DDoS attacks as a way to damage brand reputation and trust.
Efforts are now underway to create more dialogue among financial institutions themselves. The purpose is to speed up the flow of communication, so early warnings can be sent out to other banks to raise awareness and preparedness.
Denial of service attacks come in many varieties, but they essentially take two forms: single-origin and botnet. Each form of attack has the ability to take a site offline, but botnets are especially difficult to combat because of the sheer scale of the attack.
Distributed denial of service, or DDoS, happens when a hacker, or hacker group, sends a huge volume of traffic to a target machine or website. Servers have a finite amount of resources. Scalable hosting is possible, but true unlimited hosting is a myth. All hardware has limitations. Hackers capitalize on this knowledge by ratcheting up traffic volume to the point that the server cannot respond to legitimate requests from real people attempting to access the site. The tell-tale signs: a website that is slow to load or won’t respond at all. You may have experienced this at one point trying to log into your online banking account this month. When the volume of malicious traffic eats up the resources of the server, it shuts down, along with all of the websites currently occupying that machine.
DDoS mitigation helps offset or eliminate the effects of the attack. DDoS mitigation can be an involved process, requiring specialized hardware, software, and of course the knowledge to combat the problem. Often, banks (and other businesses needing DDoS protection during an attack) will enlist a third-party provider to mitigate the traffic through proxy filtering. All traffic is routed to the anti-DDoS provider, bad traffic is filtered out, and good traffic is routed back to its original destination.
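
As an added illustration (not code from the original article), the sketch below runs the proxy filtering step on constructed traffic and shows why a per-source rate limit that stops a single-origin flood lets a botnet through. The thresholds, function names and sample addresses are assumptions made for this example.

```python
from collections import Counter

# Assumed thresholds for this sketch, not values from the article.
CAPACITY = 100          # requests per window the origin server can serve
PER_SOURCE_LIMIT = 20   # requests per window allowed from one address

def classify(window):
    """window: list of source addresses, one entry per request in the window."""
    total = len(window)
    if total <= CAPACITY:
        return "normal"
    _, top_count = Counter(window).most_common(1)[0]
    # One address producing most of the load is a single-origin flood;
    # otherwise the overload is spread across many sources (botnet).
    return "single-origin" if top_count > total / 2 else "distributed"

def proxy_filter(window):
    """Per-source rate limiting at the proxy: returns (forwarded, dropped)."""
    seen = Counter()
    forwarded, dropped = [], []
    for src in window:
        seen[src] += 1
        (forwarded if seen[src] <= PER_SOURCE_LIMIT else dropped).append(src)
    return forwarded, dropped

# Constructed sample traffic using documentation address ranges.
LEGIT = [f"198.51.100.{i}" for i in range(1, 31)] * 2          # 30 clients x 2 requests
SINGLE = LEGIT + ["203.0.113.7"] * 500                         # one flooding source
BOTNET = LEGIT + [f"192.0.2.{i}" for i in range(1, 201)] * 5   # 200 bots x 5 requests

if __name__ == "__main__":
    for name, window in (("legit", LEGIT), ("single", SINGLE), ("botnet", BOTNET)):
        fwd, drp = proxy_filter(window)
        over = "over capacity" if len(fwd) > CAPACITY else "within capacity"
        print(f"{name:7} {classify(window):14} forwarded={len(fwd):5} "
              f"dropped={len(drp):4} {over}")
```

In the botnet case every source stays under the per-source limit, so nothing is dropped and the origin is still overloaded; filtering at that scale has to rely on signals other than a simple per-address count.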
Any business prone to attack, government agency, or financial institution is considered “high risk hosting” – meaning they require special attention because they tend to deal with repeated attempts bent on compromising their network.
Since sensitive information is shared and stored in financial computer systems, the need for protection is paramount. Cybercriminal activity trends show that sometimes even rudimentary techniques can affect large government and banking websites. Small attacks still have the power to stop valuable email communications from being sent. Stopping communication increases risk and hinders proper mitigation. Cyber pirates use social media to coordinate, organize, plan, and launch these attacks. Having recovery plans in place and alternate communication channels open is vital to DDoS mitigation.
These attacks are constantly evolving, which means a focus on mitigation and awareness needs to be a part of every business’s risk management and recovery plan. It’s often best to strategically partner with a DDoS protection company in advance, so you’ll be prepared to handle a denial of service attack quickly and with as little interruption as possible.