DDoS attacks against U.S. banks peaked at 60 Gbps
Banks are likely to be better protected against this wave of attacks, Arbor Networks researchers say
IDG News Service - Some of the distributed denial-of-service (DDoS) attacks that targeted the websites of U.S. financial institutions this week have peaked at 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks.
A group calling itself "Izz ad-Din al-Qassam Cyber Fighters" launched a series of DDoS attacks against the websites of several U.S. banks during September and October, severely disrupting online and mobile banking services for extended periods of time. The group claimed that the attacks were in response to a controversial film trailer mocking the prophet Muhammad not being removed from YouTube.
On Dec. 10, the same group announced that a new wave of attacks would start this week and target U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group and SunTrust Banks. In a post on Pastebin, the group said this second phase of the operation would involve more widespread attacks.
The attacks started on Tuesday and continued Wednesday and Thursday. "PNC and other banks have experienced an unusual volume of internet traffic," PNC Bank said Wednesday in a post on its Facebook page. "As a result, some customers may experience slowness or difficulty when logging into online and mobile banking."
On Thursday, the bank posted an update saying: "PNC is experiencing an unusual volume of internet traffic consistent with recent threats against U.S. banks. Access to pnc.com, online and mobile banking is slow as we work to resolve the issue."
"Some of this week's attacks have been as large as 60 Gbps," researchers from Arbor Networks said Tuesday in a blog post. The average rate for attacks in September was 1.67 Gbps, with a peak for that month of 63.3 Gbps, according to figures from Arbor.
That said, the attacks are not that much different from the ones in September and October, according to Dan Holden, head of Arbor's security engineering and response team. There are some changes in the tools being used, but they are not significant, he said.
The attackers are using a new version of a tool called Brobot -- one of the primary tools used in the first set of the attacks -- and the main addition seems to be a new attack method that uses specially crafted DNS packets. However, this is a known technique and from an Arbor standpoint, there should be no problem defending against it, Holden said.
He believes that in general the banks and their providers are better prepared to defend against DDoS attacks now than they were two months ago. Even if some of the websites are affected, it will be less so than it was in September and October, he said.
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Automating Cost Transparency By making all of the costs of running IT transparent, IT can change the way business units consume IT resources, drive down total...
- Forrester: The Business Technology Value Scorecard The "Business Technology Value Scorecard" paper proposes four categories of KPIs as the basis for a common language of metrics between IT leaders...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Cyberwarfare White Papers | Webcasts