Are DDoS Attacks Changing?

In the past month, JPMorgan Chase, BB&T,American Express, TD Bank, and Wells Fargo suffered DDoS(distributed denial of service) attacks on their online bankingportals. The attacks affected service only intermittently for a fewhours, but signs are pointing to increased strength in attacks andthat consumer banking sites may no longer be the primary target forDDoS attacks moving forward.

Last year, “hacktivists” by the name of al-Qassam Cyber Fighterslaunched attacks on all leading United States financialinstitutions in response to YouTube’s decision not to remove areligiously offensive film. Using between 2,000 and 3,000 “zombie”computers, the al-Qassam group, among others, were able to bringdown bank sites with unprecedented web traffic. In the monthssince, financial institutions have made great strides to level theplaying field. Dave Ostertag, a global investigation manager withVerizon told the American Banker that, “Twelve months ago, themaximum protection for a major financial institution was 10gigabytes per second, now we’re averaging 40 to 50 gigabytes persecond. The entire industry has changed.”

Although financial institutions have improved their defenses,attacks have since grown in strength and are evolving to causenightmares for those trying to mitigate the damage. Banks, however,may not be the primary target for DDoS attacks much longer asothers in the payments industry are beginning to suffer aswell.

In recent weeks, Bitcoin has dominated headlines as the currencyreached new highs. But on April 3rd, the value of an individualBitcoin fell $20 dollars due to outages at the world’s largestBitcoin exchange, Mt. Gox. While speculation was abound about whatled to the outages, the company’s Twitter account confirmed thesite came under a DDoS attack. Bitcoin traders, however, were notthe only payment firms affected by DDoS attacks recently. Paymentstart-up Dwolla and its third party developers also sustained aDDoS attack in early April, which brought down the site for a shorttime.

While the latest DDoS attacks have shown little in the way of moresinister intentions (like stealing card information or othersensitive information), the threat for such actions is everpresent. At RSA Europe 2012, Francis deSouza, Symantec’s head ofEnterprise Products and Services, underscored this sentiment bysaying, “DDoSes have gone from being a blunt-forced attack to beinga sophisticated diversionary attack to disguise another attack.”Though customer service problems may be the most pressing issuewith DDoS attacks today, it may be only a matter of time before oneresults in something more serious.

For more in-depth coverage and insight into DDoS attacks and theirpayment fraud implications, see Mercator Advisory Group’s researchnote, “Distributed Denial of Service Attacks and PotentialFraud Implications.”