08 December 2016
Visit aciworldwide.com

Banks told to step up security over DDoS attacks

26 October 2012  |  8367 views  |  1 Security

With more than a dozen major bank Web sites targeted in DDoS attacks over the last month, financial institutions need to take steps to ensure they don't become the latest victims, warns the US Financial Services Roundtable's technology unit, Bits.

Bank of America, HSBC and Wells Fargo have been among the organisations to see their online services disrupted in recent weeks, with sites overwhelmed by floods of traffic.

A group calling itself the Cyber Fighters of Izz ad-din Al Qassam has claimed credit for the attacks, which it says are in retaliation for the release of a film mocking the prophet Mohammed.

The group has been posting weekly statements on Pastebin outlining targets for the days ahead, although in its latest missive it has promised to take a break for Eid al-Adha.

Bits is urging banks to review their strategies for patching IT systems, scan networks and manage bandwidth to minimise the number of non-attack related issues.

They should also coordinate with ISPs and other service providers to implement controls such as scrubbing, rate limiting and source blocking. External-facing assets and applications should be assessed and communications strategies reviewed to include incident notification for both internal and external parties

Banks should also participate in the FS-ISAC and share actionable information to protect other institutions as well as inform their primary regulator of any attacks.

In its latest Pastebin statement, the Cyber Fighters of Izz ad-din Al Qassam has also stressed that its attacks are designed purely to disrupt services and that no money or data is stolen.

This comes after another organisation, claiming affiliation to Anonymous, said that it was responsible for the HSBC attack and that it had stolen the details of 20,000 customer debit cards:

The group has not provided definitive evidence that it has the card data but is promising to target more banks in the near future.

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 30 October, 2012, 14:30

"The group has not provided definitive evidence that it has the card data...". Given that customers have entrusted banks to protect the data, the onus should be on them (i.e. banks) to prove that they haven't lost the card data.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

HSBC becomes latest bank DDoS victim

HSBC becomes latest bank DDoS victim

19 October 2012  |  10753 views  |  0 comments | 2 tweets
Iran blamed for BofA and Chase site attacks

Iran blamed for BofA and Chase site attacks

24 September 2012  |  7049 views  |  0 comments
US banks on red alert as Chase and BofA sites suffer downtime

US banks on red alert as Chase and BofA sites suffer downtime

20 September 2012  |  9824 views  |  0 comments
RBS and NatWest Web services knocked out; Oslo Bors hit by DDoS attack

RBS and NatWest Web services knocked out; Oslo Bors hit by DDoS attack

21 June 2012  |  13113 views  |  3 comments

Related company news

 

Related blogs

Create a blog about this story (membership required)
Find out moreVisit aciworldwide.comhttp://www.financialcrimerisk.fiserv.com/aml?r=finextra

Who is commenting?

A Finextra member Finextra Member Commented on: Payments regulator blo...
A Finextra member Finextra Member Commented on: Payments regulator blo...

Top topics

Most viewed Most shared
Guesswork alone can crack Visa card security - Newcastle UniversityGuesswork alone can crack Visa card securi...
7549 views 12 comments | 15 tweets | 27 linkedin
OCC to offer fintech firms bank charter statusOCC to offer fintech firms bank charter st...
7164 views comments | 25 tweets | 15 linkedin
China tops world fintech rankingsChina tops world fintech rankings
7016 views comments | 35 tweets | 30 linkedin
Fed Governor sounds warning on alternative credit scoring dataFed Governor sounds warning on alternative...
6341 views comments | 19 tweets | 20 linkedin
Big tech policy group calls on Trump to promote fintech innovationBig tech policy group calls on Trump to pr...
5761 views comments | 22 tweets | 11 linkedin

Featured job

to Six-Figure Base, Bonus, Benefits
London, UK

Find your next job