Are Banks Winning the DDoS Battle?

Traffic Monitoring Shows Decline in Online Outages

By , January 18, 2013.
Are Banks Winning the DDoS Battle?

Despite the claims of hacktivists, U.S. banking institutions say their websites now suffer fewer and less severe outages linked to traffic surges tied to distributed-denial-of-service attacks. And online traffic patterns tracked by one third-party monitoring service appear to support the banks' contention.

See Also: Identity, Security and Risk Requirements for a New IAM Architecture

Keynote Systems Inc., an Internet and mobile cloud testing and monitoring firm that tracks online traffic, reports that outages affecting U.S. banking websites have declined in recent weeks, during phase 2 of the hacktivists' DDoS campaign. Keynote tracks site availability statistics for all leading U.S. financial institutions and other companies across numerous industries.

Last fall, during phase 1 of the campaign, monitored banks' websites were showing a 94.86 percent reliability response rate - a "pretty bad" rating, according to Keynote's statistics.

But for the week ending Jan. 13 - amidst the hacktivists' highly-touted phase 2 campaign - that rate had risen to an average of 97.21 percent.

Some observers site these stats as evidence that banks have improved their abilities to detect and defend against DDoS attacks. Others warn that traffic patterns also show that banks are not the only entities facing DDoS attacks, and all organizations should be on notice to defend against this growing threat.

"Whilst [traffic attributed to DDoS] has fluctuated, it has remained above the norm relative to previous reporting periods," says DDoS expert John Walker, who also serves as the chairman of ISACA's Security Advisory Group in London. "Thus, the problem of attack conditions and DDoS are very present and represent a growing threat."

Traffic Patterns

Since mid-September, the hacktivist group Izz ad-Din al-Qassam has taken credit for DDoS attacks launched against leading U.S. banks. So far, the group, in protest of a YouTube video deemed offensive to Muslims, has claimed attacks against PNC Financial Services Group, BB&T Corp., Fifth Third Bank, Bank of America, JPMorgan Chase, Citigroup, Wells Fargo, U.S. Bancorp, CapitalOne, HSBC, Ally Bank, SunTrust Banks, Regions Financial Corp. and, most recently, Zions Bancorp.

On Jan. 1, the group boasted that it would step up its assaults in the New Year. "Rulers and officials of American banks must expect our massive attacks," the group posted on Pastebin. "From now on, none of the U.S. banks will be safe from our attacks."

But Ben Rushlo, Keynote's director of performance management, says traffic patterns suggest U.S. banks have done better maintaining site availability since mid-December, when the second DDoS campaign began.

"We've got a good feel for whether the banks are getting hit," Rushlo says. "We would definitely be seeing error messages on our end if the sites were down, just like any online user would."

Traffic statistics collected by Keynote reflect average online response times and reliability rates for leading institutions.

Pointing to the most recent set of traffic stats, collected for the week beginning Jan.7 and ending Jan. 13, Keynote cites an average reliability response rate of 97.21 percent for the homepages, online-banking login/account summary pages, transaction detail pages and logout pages for 13 leading U.S. institutions.

As a note of comparison, stats collected for the week beginning Sept. 24 and ending Sept. 30 - around the time Izz ad-Din al-Qassam's attacks were initiated - reveal the average reliability response rate for those pages was 94.86 percent.

Rushlo says 99.5 percent reliability is the typical "gold standard" for banks and other brokerages. "So, 97 percent is not good, and 94 is pretty bad," he says. "However, because we are averaging, then any single bank can pull down the average."

But relatively speaking, financial institutions' websites have the highest overall reliability compared to other industries, he adds.

Over the past month, Keynote has noted online availability issues affecting Regions Bank, PNC, Capital One, HSBC, BB&T and Wells Fargo. Most of those problems have subsided, despite some ongoing issues still plaguing BB&T and HSBC this week, Rushlo adds. "But none of the other major banks are having anything significant, as far as technical struggles."

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Who Disrupted Internet in North Korea?

The Internet reportedly went dark in North Korea on Dec. 22, days after President Obama pledged...

Latest Tweets and Mentions

ARTICLE Who Disrupted Internet in North Korea?

The Internet reportedly went dark in North Korea on Dec. 22, days after President Obama pledged...

The ISMG Network