BB&T Site Outages Linked to DDoS
Ninth Bank to be Targeted; More to Come?
BB&T Corp., a Winston-Salem, N.C.-based bank, acknowledged Oct. 17 that its website was suffering from intermittent outages related to a distributed denial of service attack. The $178.5 billion institution is the ninth U.S. bank to be affected by a DDoS strike in the last five weeks.
"BB&T is experiencing intermittent outages on BBT.com due to a 'Denial of Service' event," bank spokesman Brian Davis told BankInfoSecurity during the late afternoon of Oct. 17.
BB&T's site outage is the second attack apparently waged by the hacktivist group Izz ad-Din al-Qassam Cyber Fighters this week. On Oct. 16, Capital One's online banking and corporate sites suffered outages believed to be caused by a second attack aimed at the bank by the hacktivist group.
CapOne's site was back up and running by the morning of Oct. 17, says spokeswoman Tatiana Stead, although some customers may continue to suffer from periodic glitches linked to ongoing system upgrades.
"All of our systems are fully operational," Stead told BankInfoSecurity. "In light of the recent events, we have taken a number of precautions which may inadvertently cause some challenges for a small number of customers visiting our website. We encourage anyone experiencing any difficulties to call our customer service."
Series of Attacks
The first attack against CapOne came Oct. 9, one day before the targeted attack against SunTrust Banks and two days before the attack against Regions Financial Corp.
On Oct. 16, a Pastebin post purporting to be from Izz ad-Din al-Qassam said more attacks against U.S. banks would be waged between Oct. 16 and Oct. 18. Unlike with previously threatened attacks, the group said it would not name in advance the banks to be targeted.
Izz ad-Din al-Qassam said it would continue to target U.S. institutions until a YouTube movie trailer believed by the group to be anti-Islam is removed from the Internet. Experts, however, question whether that outrage is just a front for some more nefarious motive.
Mike Smith, a security evangelist with online security provider Akamai Technologies, says the fact that CapOne was targeted for a second time suggests fraud is likely the catalyst.
"We are assuming that the attackers are doing this to perpetrate fraud," Smith says. "The attackers are looking for targets that have footprints on employees' desktops so they can compromise those employees and get access to accounts. That's the assumption we are operating under at this point."