The bad news: yet more U.S. banks are falling victim to so-called Distributed Denial of Service attacks that flood websites with extraneous data, essentially overwhelming their ability to respond to legitimate inquiries.
U.S. Banccorp on Thursday joined a list of DDoS victims that includes Citigroup, Wells Fargo, JPMorgan Chase and Bank of America.
The good news: the attacks have done no damage to the banks' IT infrastructure, said experts.
The attacks have been claimed by Fizz ad-Din al-Assam Cyber Fighters, an Islamic group that said it is taking down banks in protest of a short, anti-Islam film that has provoked rioting and violent protests in many Islamic countries.
That group has posted authorship claims on Pastebin, a website often used by hackers to announce their actions.
Experts do not necessarily believe those claims, but they do not say they are false, either. Nobody currently knows who, or what, is behind the attacks.
To date, no credit unions have indicated that they have been victimized. However, experts told Credit Union Times that the list of financial institutions that have suffered attack is in fact larger than the list of those that have publicly acknowledged they have been victimized
Jeffrey Lyon, president of Los Angeles security firm Black Lotus, said in an interview that the actual hackers who have conducted the attacks may be for-hire cyber criminals without any particular ideology.
Their skills, he said, are increasingly available for purchase. This makes tracking down exactly who is behind a specific attack that much harder.
Matters may get still worse is the message from Matthew Prince, CEO of CloudFlare, a San Francisco-based security company. He said, “The attacks have been getting more sophisticated.” Defenders have had to significantly up their game, according to Prince.
Prince added that “this appears to be a systematic attack on the nation's financial system. They appear to be probing smaller institutions now. This has the feel of someone working down a list, looking for weaknesses.”
Prince's message: no financial institution should believe it is safe from attack. The next phase is presently unknown.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
