Security Experts:

DDoS Attacks Widespread in Financial Industry, Survey Finds

Since Operation Ababil began, the websites of banks such as CitiGroup and Wells Fargo have faced periodic bombardment from attackers. But while the big-name banks may garner most of the headlines, the problem of distributed denial-of-service (DDoS) attacks against the financial industry is more widespread than some may think.

According to a new study by the Ponemon Institute, 64 percent of IT staffers surveyed said their banks have suffered at least one DDoS attack in the last 12 months. The study fielded responses from 650 respondents at 351 banks and yielded a sobering statistic – 78 percent believe DDoS attacks will continue or significantly increase in 2013.

“It really comes as no surprise that DDoS attacks are one of the most severe security risks cited by the banking industry and these results clearly demonstrate the level to which they are being targeted on a continued basis,” Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement. “When such an attack occurs, the time and efforts of IT staff are devoted to dealing with the problem instead of managing other IT operational and security priorities. This leaves financial institutions open to more dangerous attacks that further compromise their infrastructure.”

The situation is made more problematic by ongoing efforts by attackers to stay a step ahead of security professionals. The latest spate of attacks tied to Operation Ababil this year for example involved compromising a web server in order to redirect traffic from legitimate sites to sites the attackers wanted to take down.

DDoS attacks are lasting longer and getting more complex, noted Avi Chesla, chief technology officer at Radware, in a statement.

According to Radware's 2012 Global Application and Network Security Report, server-based botnets, attack toolkits, encrypted layer attacks and attacker-for-hire services are all among the new strategies being utilized in DDoS attacks.

Using its Advanced Persistent Threat score, Radware found that 58 percent of attacks in 2012 scored a 7 or higher in complexity, more than twice the 23 percent that scored that high in 2011. More than 70 percent of the attacks in 2012 had scores of 3 or higher.

According to the Ponemon study, almost half of the respondents (48 percent) said their banks have suffered more than one DDoS attack during the past year. When asked about the barriers impacting their response, 50 percent listed insufficient personnel and expertise and a lack of effective security technology as the most critical concern.   

“The belief that traditional perimeter security technologies such as firewalls are able to protect against today’s DDoS attacks is lulling not only financial institutions but organizations across every sector into a false sense of security,” said Marty Meyer, president of Corero Network Security, which commissioned the Ponemon study. “Many Organizations assume traditional firewalls can provide protection against DDoS and zero-Day exploits at the perimeter, yet this is not what they were designed to do and therefore attacks are still getting through." 

Subscribe to the SecurityWeek Email Briefing
view counter