Long considered a nuisance, distributed-denial-of-service attacks, or DDoS, are growing problem for banks and other financial businesses, according to a new report.
The volume of DDoS attacks targeting financial firms increased 22% year-over-year as of November, according to a new report first provided to Bloomberg News by the Financial Services Information Sharing and Analysis Center, which is known as FS-ISAC. The issue is particular pronounced in Europe, where financial services saw a 73% increase in DDoS attacks, according to the report.
DDoS attackers marshal an army of connected devices – known as a botnet – and direct Internet traffic at a website to disrupt it or shut it down. Such attacks have been around for decades, and cybersecurity companies sell products that can mitigate most incidents.
Still, DDoS has stubbornly persisted, as the attacks have gotten more powerful and easier for non-technical bad actors to execute, according to cybersecurity experts.
“I think it’s important to know that in general, when it comes to DDoS attacks, they’re here to stay,” said Teresa Walsh, FS-ISAC’s global head of intelligence.
Last year, DDoS attacks were used to further political aims, targeting those who have taken sides – even indirectly – in the war in Ukraine or other in geopolitical hotspots, including China and Taiwan, according to the report. A group called Killnet, aligned with Russian interests, has waged a campaign of DDoS attacks on websites of businesses, governments and airports in the last year.
Last week, for instance, Killnet claimed credit for a DDoS campaign in Germany that targeted airport websites, the financial sector and federal and state authorities. The attack, which took place in late January, was fended off, for the most part, and didn’t lead to serious consequences, the German Federal Office for Information Security said in a statement.
“DDoS is a favorite tool of hacktivist groups because unlike other forms of cyberattacks, you kind of know when it’s worked,” said Boaz Gelbord, chief of security at Akamai Technologies Inc, which worked with FS-ISAC to compile the report. “When services that are commonly used by the public are unavailable, that causes a big splash.”
Attackers are also using DDoS as a technique to extort companies or organisations. For instance, attackers demanded money in a string of attacks in 2020 that targeted the New Zealand Stock Exchange and more than 100 other companies.
In addition, DDoS attacks can now be purchased online by anyone with an internet connection and a dark web browser, according to the report. The DDoS-for-hire model is one currently deployed by some ransomware groups that, for a price, provide their malware to “affiliates” who then conduct the attacks.
The explosion of Internet-connected devices has also contributed to the rise because they provide a vast pool of poorly secured products that can be marshaled to serve as botnets and amplify attacks. Some attacks have become so powerful that they can overwhelm mitigation measures, according to the report.
The financial sector has experience with DDoS incidents. A wave of attacks against banks starting in 2011 disabled websites, prevented customers from accessing online accounts and cost the victims tens of million of dollars to remediate them, according to the US Department of Justice, which indicted seven Iranians in 2016 for the incidents. – Bloomberg