Financial Institutions Under Attack – Can you Bank on your Existing DDoS Mitigation?

Financial Institutions – Sitting Targets for DDoS attacks

For financial institutions, one single attack is all that is required to create significant havoc, and breach the confidence placed in them by their customers.

Financial losses can be significant too. A survey by Neustar indicates that more than 80% of financial services firms estimate a loss of $10,000 per hour during a DDoS-related outage.

It was also reported that 38% of DDoS attacks last more than 24 hours. Realistically, for threat actors, no opportunity is too small or too big. All that’s needed, is a single window of weakness and they can launch a DDoS attack.4_financials_blog2

As recently as last week, hackers were sending emails to Australian banks asking for large payments, and threatening DDoS attacks if their demands weren't met. The threat group has been emailing victims with threats to carry out distributed denial of service (DDoS) attacks unless the organizations pay hefty ransom fees in the Monero (XMR) cryptocurrency.

 

Banking on Perceived Mitigation Strategies Won’t Always Work

There have been several rampant DDoS attacks since the year 1974.

During September 2012,  Operation Ababil was launched.  The DDoS attack was not a single one, but a bunch that occurred at different periods of time.  As it was a highly sophisticated server-based bot, it used both volume-based and non-volume-based SSL DDoS attacks, which succeeded in targeting and penetrating trusted environments.

The strategy was sophisticated and standard mitigation tools were rendered useless during the attacks. Over the years, enterprises have continued to suffer from sudden DDoS attacks which have grown sneakier and increasingly more dangerous.

According to Neustar, the number of DDoS attacks and their scale of disruption, continues to grow. There has also been more than double the number of attacks of 5Gbps or under. These smaller and more carefully targeted attacks can aim to disable specific parts of a company's infrastructure without the victim noticing anything.

The question then arises as to when the next attack will occur.  No one can really predict an answer to that.  However, what we all know is: waiting for the next attack and reacting to it once it occurs is not a strategy worth considering.

 

Implications of DDoS Attacks on Financial Institutions

Privacy and Confidentiality

Hackers take advantage of DDoS attacks. Hackers use the mess and panic to destroy and manipulate behind the scenes.  To simplify this, when IT security is busy with managing the DDoS attacks – the hacker is busy stealing sensitive information.   Stealing sensitive information can be fatal for financial institutions as they contend with damages due to liability breaches from customers.

Banks can lose strategic data, which in the wrong hands could spell long term trouble.  This could take the form of competitors learning about their strategies.

Information availability

The first and most overwhelming effect of an attack is compromised availability of systems and data.  When a bank’s computer system shuts down, the whole system comes to a standstill.

This is unlike the past when banks encouraged offline transactions. Currently our institutions function mostly online and rely heavily on technology to manage operations, customers, investments and transactions.

Intention

DDoS attacks on banks are often caused with intents which can range from destabilizing the bank to attack for financial gain.  Whatever the motive or reason is, impact can be planned to cause maximum damage on a day of the week, or a time when transactions are highest.

Technology

Since DDoS attacks are technological in nature they can spread through various linkages, networks and cause maximum damage. Attacks are also able to affect several banks and branches at the same time.  Sneakier bots can remain hidden for some time before they are detected. The bots tentacles are spread, enabling them to hide in another part of the network.

 

How Financial Institutions Can Prepare for a DDoS Attack?

There are several DDoS Mitigation postures available, and financial institutions most likely have one or more of them included in their security strategy.

Research indicates that DDoS Mitigation postures are not always successful in preventing attacks. The whitepaper `Beginner’s Guide to DDoS Mitigation Technology’ carefully evaluates available postures for their advantages and disadvantages.

DDoS Mitigation that is available today in the market is inherently vulnerable. The sheer fact that it cannot identify and fix the vulnerabilities being generated underneath the network it protects, makes DDoS mitigation vulnerable to DDoS risk by 48%.

Banks today need a technology that will work with existing DDoS Mitigation. This technology should  identify, report, close and reassure that DDoS vulnerabilities underneath the network are being mitigated, whilst DDoS Mitigation is busy accessing the incoming traffic.

DDoS Radar®, a patented technology by MazeBolt , proactively identifies the problem.

DDoS Radar takes control and secures against the underneath vulnerabilities in the network, whilst DDoS mitigation is engaged in filtering out bad traffic.

 

Download Whitepaper Cost and Implications of DDoS Attack

 

References:

 

Picture of Alpana Bhoge

About Alpana Bhoge

Alpana is a passionate marketer and heads Marketing at MazeBolt. She has with 13+ years experience in Marketing. She is a tech savvy person who holds Bachelor's degree in Computer Science and Masters in Marketing.