Financial Institutions – Sitting Targets for DDoS attacks
For financial institutions, one single attack is all that is required to create significant havoc, and breach the confidence placed in them by their customers.
Financial losses can be significant too. A survey by Neustar indicates that more than 80% of financial services firms estimate a loss of $10,000 per hour during a DDoS-related outage.
It was also reported that 38% of DDoS attacks last more than 24 hours. Realistically, for threat actors, no opportunity is too small or too big. All that’s needed, is a single window of weakness and they can launch a DDoS attack.
As recently as last week, hackers were sending emails to Australian banks asking for large payments, and threatening DDoS attacks if their demands weren't met. The threat group has been emailing victims with threats to carry out distributed denial of service (DDoS) attacks unless the organizations pay hefty ransom fees in the Monero (XMR) cryptocurrency.
Banking on Perceived Mitigation Strategies Won’t Always Work
There have been several rampant DDoS attacks since the year 1974.
During September 2012, Operation Ababil was launched. The DDoS attack was not a single one, but a bunch that occurred at different periods of time. As it was a highly sophisticated server-based bot, it used both volume-based and non-volume-based SSL DDoS attacks, which succeeded in targeting and penetrating trusted environments.
The strategy was sophisticated and standard mitigation tools were rendered useless during the attacks. Over the years, enterprises have continued to suffer from sudden DDoS attacks which have grown sneakier and increasingly more dangerous.
According to Neustar, the number of DDoS attacks and their scale of disruption, continues to grow. There has also been more than double the number of attacks of 5Gbps or under. These smaller and more carefully targeted attacks can aim to disable specific parts of a company's infrastructure without the victim noticing anything.
The question then arises as to when the next attack will occur. No one can really predict an answer to that. However, what we all know is: waiting for the next attack and reacting to it once it occurs is not a strategy worth considering.
Implications of DDoS Attacks on Financial Institutions
Privacy and Confidentiality
Hackers take advantage of DDoS attacks. Hackers use the mess and panic to destroy and manipulate behind the scenes. To simplify this, when IT security is busy with managing the DDoS attacks – the hacker is busy stealing sensitive information. Stealing sensitive information can be fatal for financial institutions as they contend with damages due to liability breaches from customers.
Banks can lose strategic data, which in the wrong hands could spell long term trouble. This could take the form of competitors learning about their strategies.
The first and most overwhelming effect of an attack is compromised availability of systems and data. When a bank’s computer system shuts down, the whole system comes to a standstill.
This is unlike the past when banks encouraged offline transactions. Currently our institutions function mostly online and rely heavily on technology to manage operations, customers, investments and transactions.
DDoS attacks on banks are often caused with intents which can range from destabilizing the bank to attack for financial gain. Whatever the motive or reason is, impact can be planned to cause maximum damage on a day of the week, or a time when transactions are highest.
Since DDoS attacks are technological in nature they can spread through various linkages, networks and cause maximum damage. Attacks are also able to affect several banks and branches at the same time. Sneakier bots can remain hidden for some time before they are detected. The bots tentacles are spread, enabling them to hide in another part of the network.
How Can Financial Institutions Prepare for a DDoS Attack?
There are several DDoS Mitigation postures available, and financial institutions most likely have one or more of them included in their security strategy.
Research indicates that DDoS Mitigation postures are not always successful in preventing attacks. The whitepaper `Beginner’s Guide to DDoS Mitigation Technology’ carefully evaluates available postures for their advantages and disadvantages.
DDoS Mitigation that is available today in the market is inherently vulnerable. Even with the most sophisticated DDoS mitigation and testing solutions deployed, most companies are left with a staggering 48% DDoS vulnerability level
Banks today need a technology that will work with existing DDoS Mitigation. This technology should identify, report, close and reassure that DDoS vulnerabilities underneath the network are being mitigated, whilst DDoS Mitigation is busy accessing the incoming traffic.
RADAR™ takes control and secures against the underneath vulnerabilities in the network, whilst DDoS mitigation is engaged in filtering out bad traffic.