03-27-13 | Blog Post
In the latest distributed denial of service (DDoS) attack from the hacktivist group Izz ad-Din al-Qassam Cyber Fighters, six banks were hit simultaneously last week. In a Bank Info Security article, Radware’s security expert Carl Herberger explained that the March 12th attack hit the largest number of banks to be attacked in a single day.
The hacktivists called out Bank of America, BB&T, Capital One, Chase, Citibank, Fifth Third Bancorp, PNC, Union Bank and U.S. Bancorp as their latest targets. Keynote Systems found that PNC, BB&T and Chase were affected on March 12th, although it is currently unclear which other banks were hit. Bank Info Security reports that Chase was unavailable for most of the time from 2PM EST to 11PM EST last Tuesday.
This isn’t the only large DDoS attack that’s occurred lately. Earlier this month, Prolexic told of a U.S. electric utility company that was targeted, taking its website, online payment, and pay-by-phone systems down for two days. During that time, the utility provider’s one million customers weren’t able to pay their bills online or by phone. Employees were also unable to receive external phone calls. While the attack was similar to the ones currently plaguing the banking industry, it’s unclear whether or not the same attackers are responsible.
In addition, three different online role-playing games (RPGs) were subject to a DDoS attack last week by the same bank-targeting botnet we’ve been seeing for months. With many different groups being targeted, these attacks are now starting to raise concerns in more than just the banking industry. So, how can companies work to preempt this sort of attack?
Well, one way could be to distribute your network. Outsourcing part of your network means a targeted attack against your company will not hit all your servers. You then have the opportunity to shift the load to the other servers and, with little to no downtime, get everything up and running again.
Not to mention, outsourcing means you’re able to take advantage of the robust security features that hosting providers specialize in. Having resources like a web application firewall (WAF) without having to invest the time, money, and resources to take care of it in-house can be a more efficient and safer way to reduce the effect of DDoS attacks.
With attacks like these, how closely you monitor your traffic is going to be a factor in how badly you’re affected. That means if you aren’t able to use a hosting provider with features like vulnerability scanning and daily log review to keep you aware of any odd behavior, it would do you well to have a very good relationship with your Internet Service Provider (ISP). They may help you monitor the traffic to your site, making note of any abnormal and potentially malicious behavior to prevent an attack.