We were warned. Now, the size of these denial of service cyber attacks have delivered a massive punch in traffic. One report says it’s “skyrocketed” while another uses the term “exploded”. At any rate, the bandwidth average that these attacks are resulting in clocks in at close to 700%. It’s massive – and there are still no solutions.
These reports reveal the challenges banks, retailers and other companies are facing in a technological era. And those challenges are found in one place: the denial of service attacks that have been plaguing banks and credit card companies for months.
718 Percent Increase
Prolexic Technologies, a denial of service protection company, says the bandwidth is up to 48.25 gigabytes per second. While it’s at more than a 690% increase this year alone, it’s also up a whopping 718% from the fourth quarter of 2012. The Prolexic report notes,
Never before have attacks been this formidable.
And there’s more. Prolexic also said more than 10% of attacks against its client base averaged more than 60 gigabytes per second. One attack, against an unnamed company peaked at 130 gigabytes per second throughout March. And the length of time the attacks are wreaking havoc is up by 21% for a total of 34.5 hours. Other numbers:
Denial of service attacks are happening far more often, up nearly 22% March accounts for 44% of the attacks. More companies are acknowledging these attacks; it’s no longer just the banks. A few of them include Facebook, Apple, the New York Times and, of course, Wells Fargo has taken significant hits in recent weeks.
Looking Back
Last October, a group calling itself the The Izz ad-Din al-Qassam Cyber Fighters, took credit for all of the attacks. Usually, it gave fair warning as to which banks would be targeted next, how long the attack would happen and even the day the attack would begin. Unlike previous PasteBin messages, the group said it wouldn’t be releasing a list of banks on its list for awhile,
We know that the bankers are worried and are waiting to find out which one of them it will be this time,
the group wrote in Arabic. It did, though, say its attacks would begin later that week – and they did.
We wrote at that time:
As mentioned, the attacks thus far are unleashed with the goal of frustrating consumers, not to actually penetrate the bank accounts, credit card accounts or other specific accounts. That said, even though these denial of service attacks are actually common, the sheer size of these problems is only heightening the concerns that they too might soon evolve. Unfortunately, companies across other business sectors may not be as well protected. There are concerns the attacks will spread to other areas and business dynamics. There have been no credible threats thus far and it’s little more than speculation for now.
In December, a new threat emerged and if it wasn’t troublesome then, it most certainly is now. Here’s what we wrote on December 22nd:
…There could be as many as thirty U.S. banks that are being targeted for what it’s calling “massive cyber attacks”. The information released by RSA, a security win of EMC Corp, outlines efforts to steal millions of dollars from consumers’ bank accounts. The report was completed in October and also lists several other financial entities, including eBay and PayPal, as well as credit card accounts linked to those bank accounts.
Project Blitzkrieg is especially troublesome…partly because unlike other recent denial of service attacks, these hackers are out for the loot.. this new report shocked those in both the security and financial sectors because the criminals had managed to develop this incredibly sophisticated Trojan without alerting any of the traditional triggers and worse, this Trojan will be able to quickly penetrate bank accounts from the nation’s biggest banks, including Wells Fargo, CitiBank and many others, while quickly draining the accounts.
The crime ring plans to launch its attack in full force in the spring of 2013, and it’s not entirely clear where the the criminals are at this point since the leak caused the entire group to “go dark”.
While many efforts to detect this kind of activity includes recognition software designed to let the banks and companies know when accounts are being accessed from foreign ISPs, the hackers were able to bypass those security measures and thereby bypassing the security questions.
What’s Next?
So with the massive increase in attacks, the extended periods of time that they’re actually wreaking havoc, and the warnings from last year, are these threats coming full circle and if they are, what’s next? It’s difficult to ascertain much at this point. It’s as important now as it’s ever been to really pay attention to your credit cards, bank accounts and other warning signs that might suggest you’ve been compromised. For instance if you go to pay with your debit card and it’s declined due to lack of funds, it’s crucial you find out right away what’s happened. This is being made even more difficult by the fact that many experts are unsure of what’s behind the attacks and who’s guiding them.
While some analysts continue to express skepticism about being able to trace the origins of an attack, Prolexic said 40.68% of DDoS attacks in the first quarter were believed to be from China, compared with 30.59% in the year-earlier quarter and 55.44% in the fourth quarter of 2012. Remember, it’s been believed for awhile that it’s a Muslim group. The next highest source countries were Germany (10.59%), Iran (5.51%) and India (5.01%). The take-away is that no one knows for sure.
Cyber Espionage
In one final note, there are now companies who are reporting “cyber espionage attacks”. These are far more dangerous than the denial of service attacks since there is a loss of intellectual property associated with these efforts, including product formulas or stealing information and then providing it to competitors.
So far, most of the companies and especially the banks and credit card companies are remaining mum on their thoughts or efforts to prevent the attacks. This is likely because there has yet to be any kind of reveal on who’s behind them. It’s challenging – and ideally, security experts will be able to prevent these attacks from progressing any further.
So what are your thoughts? Do you remember those instances and warnings last year and if so, did you take any precautions to protect you and your financial health? Let us know your thoughts.
Similar Credit Card News:
- Does The Internet Cause Inefficiency and Security Lapses?
- FBI and Secret Service Fight Against Credit Card Hackers
- Stolen PSN Card Details Appear on Black Market
- U.S. Economy Sees 2.5% Growth Last Quarter
- Lenders Still Pursuing Subprime Accounts
- MC Waives Fees on Japanese Relief Donations
- Study Shows Credit CARD Act 2009 A Success
