HSBC Holdings, a British multinational bank with U.S. headquarters in Mettawa, Ill., on Oct. 18 became the 10th bank in recent weeks to suffer online outages as a result of a distributed denial of service attack.
See Also: Rethinking Endpoint Security
The $317.5 billion institution reported that its websites worldwide were knocked out of service as a result of the attack.
"The denial of service attack did not affect any customer data, but did prevent customers from using HSBC online services, including Internet banking," Neal McGarity, a company spokesman, told BankInfoSecurity the afternoon of Oct. 18. "We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running."
HSBC is cooperating with law enforcement authorities on an investigation and is working with other organizations that have been similarly affected by attacks, McGarity said.
HSBC apparently is the latest victim in a series of attacks by the hacktivist group Izz ad-Din al-Qassam Cyber Fighters.
On Oct. 17, BBT Corp., a Winston-Salem, N.C.-based bank, acknowledged that its website suffered from intermittent outages related to a DDoS attack. And Capital One experienced its second DDoS attack on Oct. 16.
An Oct. 16 post on Pastebin claiming to be from Izz ad-Din al-Qassam said more attacks against U.S. banks would be waged between Oct. 16 and Oct. 18. Unlike its previous attack threat announcements, the group said it would not name in advance the banks to be targeted.
Izz ad-din Al Qassam said it would continue to target U.S. institutions until a YouTube movie trailer believed by the group to be anti-Islam is removed from the Internet. Experts, however, question whether that outrage is just a front for some more nefarious motive.