Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Sweden Military Servers Hacked, Used in 2013 Attack on US Banks

Swedish military computers were hacked and used in an attack targeting major US banks in 2013, the armed forces said on Monday.

Swedish military computers were hacked and used in an attack targeting major US banks in 2013, the armed forces said on Monday.

The attack knocked out the web pages of as many as 20 major US banks and financial institutions, sometimes for several days.

Speaking to AFP, military spokesman Mikael Abramsson said that a server in the Swedish defense system had a flaw which was exploited by hackers to carry out the attacks, confirming a report in the Swedish daily DN.

Servers Hacked for DDoS

“The hacking attack was a kind of wake-up call for us and forced us to take very specific security steps to prevent such a thing from happening again,” he said.

“We cannot be more specific about the new security measures we put in place, but such an attack could not happen again.”

The servers were used in a so-called DDoS attack (distributed denial of service) which pounded the websites of US financial institutions, among Citigroup, Capital One and HSBC with overwhelming requests for information.

At the time, the attack, which began in 2012 and continued for months, was one of the biggest ever reported.

US officials blamed Iran, suggesting it was in retaliation for political sanctions and several earlier cyber attacks on its own systems.

Advertisement. Scroll to continue reading.

Many other vulnerable servers in locations throughout the world were used in the attack, and together they created an Internet traffic jam so powerful that it knocked out the banks’ websites.

“We normally have a good eye on our stuff. This mistake is about the human factor,” Dan Eriksson, IT security expert with the Swedish armed forces, told DN.

DDoS attacks have long been a basic hacker weapon but they have typically involved the use of armies of personal computers tainted with viruses and coordinated to make simultaneous requests at targeted websites.

In 2013, attackers infected datacenters used to host services in the Internet “cloud” and commandeered massive computing power around the world to back the DDoS attacks, security experts said.

US-based Neustar, which protects companies from such attacks, said they can cost financial institutions as much as $100,000 (about 88,000 euros) an hour.

Related: U.S. Banks Back Under DDoS Fire

Related: Cyberattack Capable of Downing Entire Internet Is Unlikely  

Related: DDoS Toolkit Used in Synchronized Attacks Against Banking, Energy Firms

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights