DDoS attacks against U.S. banks peaked at 60 Gbps
Banks are likely to be better protected against this wave of attacks, Arbor Networks researchers say
IDG News Service - Some of the distributed denial-of-service (DDoS) attacks that targeted the websites of U.S. financial institutions this week have peaked at 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks.
A group calling itself "Izz ad-Din al-Qassam Cyber Fighters" launched a series of DDoS attacks against the websites of several U.S. banks during September and October, severely disrupting online and mobile banking services for extended periods of time. The group claimed that the attacks were in response to a controversial film trailer mocking the prophet Muhammad not being removed from YouTube.
On Dec. 10, the same group announced that a new wave of attacks would start this week and target U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group and SunTrust Banks. In a post on Pastebin, the group said this second phase of the operation would involve more widespread attacks.
The attacks started on Tuesday and continued Wednesday and Thursday. "PNC and other banks have experienced an unusual volume of internet traffic," PNC Bank said Wednesday in a post on its Facebook page. "As a result, some customers may experience slowness or difficulty when logging into online and mobile banking."
On Thursday, the bank posted an update saying: "PNC is experiencing an unusual volume of internet traffic consistent with recent threats against U.S. banks. Access to pnc.com, online and mobile banking is slow as we work to resolve the issue."
"Some of this week's attacks have been as large as 60 Gbps," researchers from Arbor Networks said Tuesday in a blog post. The average rate for attacks in September was 1.67 Gbps, with a peak for that month of 63.3 Gbps, according to figures from Arbor.
That said, the attacks are not that much different from the ones in September and October, according to Dan Holden, head of Arbor's security engineering and response team. There are some changes in the tools being used, but they are not significant, he said.
The attackers are using a new version of a tool called Brobot -- one of the primary tools used in the first set of the attacks -- and the main addition seems to be a new attack method that uses specially crafted DNS packets. However, this is a known technique and from an Arbor standpoint, there should be no problem defending against it, Holden said.
He believes that in general the banks and their providers are better prepared to defend against DDoS attacks now than they were two months ago. Even if some of the websites are affected, it will be less so than it was in September and October, he said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cyberwarfare White Papers | Webcasts