In the last couple of weeks there has been a big jump in DDoS attacks focused on the websites of major US financial institutions. Those reportedly attacked include Wells Fargo, JP Morgan Chase, Bank of America, PNC, and U.S. Bank. A distributed denial-of-service attack, better known as a DDoS attack, is a malicious effort to overload a network, server or application and deny service to all its users. This is done by either one person or a group of people who deliberately interrupt the service.
In the case of the attacks on the US financial institutions, Izz ad-Din al-Qassam Cyber Fighters has claimed responsibility. The reason given is that the attacks are a way of forcing the takedown of the controversial video that, according to the group, mocks the prophet Muhammad.
The main impact has been on customers from various financial institutions. They reported being unable to access their checking, savings, and mortgage accounts, as well as bill-paying and other services, via the affected banks’ websites and mobile applications.
In these attacks it has been reported that multiple DDoS tools and attack types were used, including TCP/IP flood, UDP flood, and application attacks (both HTTP and HTTPS). This was all supported by high bandwidth capacity.
A twist that has been seen with this latest attack is active recruiting for resources. The underground chatter has indicated that the perpetrators actively recruited people to turn their machines into “zombies” for the attack and provided the path to download the needed malware.
DDoS attacks have grown in size over the past two years. They have gone from being a minor annoyance to seriously impacting communications and commerce on the affected sites. This particular attack has reportedly reached volumes of 70 Gbps. It is not unusual today to see attacks of 100 Gbps, whereas a couple of years ago attacks were a tenth that size.
It all leads to the point that commercial and government sites must be prepared for such attacks. They should plan for extra capacity in network bandwidth and servers. Make sure that network or other service providers can provide attack mitigation in the cloud. Leverage and tighten router and firewall rules. Make sure that any critical applications acquired, such as DNS server software, can contribute to keeping the website available by being able to mitigate unwanted attack traffic.
This exposure has been taken very seriously at Secure64. All of our DNS products have been designed and built from the ground up to include resistance to DDoS attacks. You can visit our site to see how our genuinely secure DNS server product can be used to provide better site availability.