Attacks Put Banks on Alert

Understanding Motives Behind DDoS Attacks

By , September 28, 2012.
Attacks Put Banks on Alert

The series of online attacks against major banks that unfolded over the last two weeks has proven to be a catalyst for heightened industry cooperation and information sharing (see More U.S. Banks Report Online Woes).

See Also: Actionable Threat Intelligence: From Theory to Practice

One security and fraud executive at a $4 billion banking institution, who asked not to be named, says collaboration among banking institutions, online-banking platform providers, other vendors, industry associations and the government, has been stronger than ever. "There definitely seems to be more of a community effort for the first time here to address this issue. And now we are seeing a real-life situation where we've had to pull together and be prepared," the executive says.

Doug Johnson, vice president of risk management policy for the American Bankers Association and a member of the Financial Services Information Sharing and Analysis Center, says working with the government to prepare for emerging cyberthreats is an increasing priority.

"Through the ISAC we have a deep information-sharing relationship with DHS [the Department of Homeland Security] that transcends any specific event," he says.

That collaboration and information sharing also is getting global attention, says Neira Jones, a financial and cyberfraud expert who oversees payments security for Barclays.

In the U.S., "the environment is more open to communicating about attacks," she says (see EU Banks Not Prepared for Attacks).

Alerts and warnings issued last week by the Federal Bureau of Investigation and the FS-ISAC prove how much communication is improving, says Bill Wansley, a financial fraud and security consultant at Booz Allen Hamilton.

"There was an early warning that there were attacks aimed at these institutions," and that gave the industry time to prepare, Wansley says.

The bank executive who asked not to be named confirms those early warnings are benefitting the entire industry. "I do get notification from those entities and from the vendors to stay abreast of the threats," the executive says. "That has allowed us to address the threats. We're in the middle of it right now, so we are just focused on being prepared."

Lack of Consumer Outreach?

But Greg Nowak of the Information Security Forum, contends the affected banks have not done enough to communicate with consumers about what is actually causing the outages (see Banks Under Attack: PR Missteps).

"The banks that have been affected are missing a great opportunity to communicate and educate their users," Nowak says. "I've tried visiting the sites, and there's nothing on any of the bank sites that says, 'Here's what's going on; here's how you can understand it. Your information is safe.'"

Third-party sites have tracked the attacks and outages well, but the institutions themselves have been too quiet, he adds.

"They seem to be regarding it as a secret," Nowak says. "They say, 'Some people have access issues.' Well, people know they have access issues. [The banks] should be taking the opportunity to explain to their customers the difference between a denial of service attack and some sort of hacking attack that actually puts information at risk."

A Political Motive

So far, the online outages, apparently caused by denial of service of attacks, have hit Bank of America, Chase, Wells Fargo, U.S. Bank and PNC.

Security experts say all five site takedowns are linked, and most likely were caused by the self-proclaimed hacktivist group known as Izz ad-Din al-Qassam Cyber Fighters.

Izz ad-din Al Qassam says it targeted BofA and the others for political reasons - over displeasure with an American film perceived to be anti-Islam (see High Risk: What Alert Means to Banks).

All five institutions that experienced outages have confirmed that no sensitive financial information or personally identifiable information about customers was exposed. Observers say that's because these attacks were motivated by politics, not fraud.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Employing Technology to Ensure Privacy

Automating the process of excising personally identifiable information when sharing data is a...

Latest Tweets and Mentions

ARTICLE Employing Technology to Ensure Privacy

Automating the process of excising personally identifiable information when sharing data is a...

The ISMG Network