5 Banks Targeted for New DDoS Attacks

Hacktivist Group Warns of 'Widespread' Strikes
5 Banks Targeted for New DDoS Attacks

Izz ad-Din al-Qassam Cyber Fighters has announced the "second phase" of its hacktivist campaign, saying five major U.S. banks will be the victims of new distributed-denial-of-service attacks starting this week.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group and SunTrust Banks are the latest targets, according to the group, which announced its plans in a Dec. 10 Pastebin posting.

"In [this] new phase, the wideness and the number of attacks will increase explicitly; and offenders and subsequently their governmental supporters will not be able to imagine and forecast the widespread and greatness of these attacks," the group writes.

Each of these five banks suffered DDoS attacks during phase one of the hacktivist group's campaign, which ran roughly from mid-September to mid-October. During that period, the group claimed responsibility for attacks on 10 major banks. Each institution was warned ahead of time, but none was able to completely fend off the attacks, which caused online banking outages of varying lengths.

Reprisal Against Film

Starting in mid-September, DDoS attacks resulted in online outages at Bank of America, Chase Bank, Wells Fargo, PNC Bank, U.S. Bancorp, SunTrust, Regions Bank, HSBC Holdings, BB&T Corp. and Capital One.

In taking credit for these attacks, Izz ad-Din al-Qassam Cyber Fighters said the motivation was outrage related to a YouTube movie trailer deemed offensive to Muslims.

In its latest posting, the group repeats its vow to continue attacks until the U.S. removes the offensive video from the Internet.

"The implementing of these attacks is because of widespread and organized offends to Islamic spirituals and holy issues," the group says, adding "if this offended film is going to be eliminated from the internet, the belonging attacks also will be stopped."

Reducing Risks

Security experts say DDoS attacks are often used as tools of distraction to mask fraud in the background (see What to Do About DDoS Attacks). To reduce risk of DDoS takedown, experts advise banking institutions to:

  • Use appropriate technology, including cloud-based Web servers, which can handle overflow when high volumes of Web traffic strike;
  • Assess ongoing DDoS risks, such as through tests that mimic real-world attacks;
  • Implement online outage mitigation and response strategies before attacks hit;
  • Train staff to recognize the signs of a DDoS attack.

BITS, the technology division of the Financial Services Roundtable, offers a seven-point response plan that includes assessing security controls and communicating with customers (see Bank Attacks: 7 Steps to Respond). Specific steps include:

  • Review the software patch status of the network, and manage network bandwidth to minimize non-DDoS-attack related issues. Also, review ongoing strategies for patching IT systems.
  • Coordinate with ISPs and other service providers to implement traffic controls such as scrubbing, rate-limiting and source-blocking.
  • Ensure post-attack communications strategies include internal and external incident notification.

For more on responding to DDoS attacks, see this new webinar from Information Security Media Group: The New Wave of DDoS Attacks: How to Prepare and Respond.

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.