DDOS IS MOST COMMON CYBER ATTACK ON FINANCIAL INSTITUTIONS
2 Feb 2016

A distributed denial of service (DDoS) attack on HSBC’s online banking services is not unusual or surprising, according to information security experts.

With financial institutions underpinning whole economies, they are a choice vertical target for an impactful DDoS attack, said Richard Brown, European director for channels and alliances at Arbor Networks.

“Add to this the fact that 29 January was payday for many people – meaning more people trying to access the website and therefore a bigger audience – HSBC was an ideal target,” he said.

The 2015 Verizon Data Breach Investigations Report (DBIR) shows that DDoS attacks are the most common form of attack against financial services businesses, accounting for 32% of all attacks analysed in the report. And Arbor Networks’ recent Worldwide Infrastructure Security Report found that 57% of financial institutions have experienced a DDoS attack – the highest of any sector.

Laurance Dine, managing principal, investigative response at Verizon Enterprise Solutions, said that unlike other types of cyber attack that expose sensitive data, DDoS attacks are mainly about disruption.

DDoS attacks typically flood online systems, such as internet banking sites or online trading platforms, with vast amounts of data in order to overload them and take services offline.

HSBC said it had successfully fought off a DDoS attack to avoid disruption to customer transactions, but services were unavailable to many customers for most of 29 January.

Because the financial services sector is a regular target for DDoS attacks, most organisations in the industry are fairly well prepared, but such attacks are not confined to this sector, so all organisations need to take this threat seriously.

The Arbor Networks report also shows that average-intensity DDoS attacks are now powerful enough to knock most businesses offline.

The report notes that DDoS attacks are being used mostly by cyber criminals to demonstrate their attack capabilities, mainly for extortion purposes.

Other cyber criminal groups sell DDoS services that are aimed at enabling business organisations to disrupt the online services of their competitors.

A growing number of businesses are also seeing DDoS attacks being used as a distraction or smokescreen for installing malware and stealing data.

Taken together, these trends mean that virtually no organisation can say it is unlikely to be hit by a DDoS attack because DDoS services make attacks easier to carry out by a range of actors for a variety of motives.

 

Source: Computer Weekly