DDoS Attacks on Banks Could Continue in Perpetuity

By Anthony Freed | January 15, 2013

Posted in: Banking DDoS Protection

Another week, and yet another proclamation from the extremist group Izz ad-Din al-Qassam Cyber Fighters, who vow to continue their Distributed Denial of Service (DDoS) attacks on the websites of several financial organizations in protest of a controversial film. "We have repeatedly stated that removal of the offensive video, INNOCENCE OF MUSLIMS, from YouTube is the simplest solution to stop the cyber-attacks... You want to continue playing the game, yes?" the group said in their latest Pastebin post. But is their DDoS campaign simply bringing even more attention to the video they seek to quash? That would seem to be the case.

On January 8th, the group published a formula for calculating the projected duration of their DDoS operation, dubbed Operation Ababil, and their estimate of the financial impact to the targeted organizations. The calculations are based on a number of factors, including the total number of times the video in question has been viewed combined with the number of times viewers registered a “like” vote. The sum is then adjusted to account for the number of “dislikes” of the video, each instance of which is weighted by a factor of ten; that is to say, each "dislike" is considered to compensate for 10 "likes".

Taking into consideration some other subjective factors, such as the group's estimation that the attacks cost the targeted organizations $30,000 per minute and their decision that each "view" and "like" of the video in question should exact a $100 penalty, the group last week estimated that the DDoS campaign would continue for another 169 days in total over the course of about 56 weeks at an average of 7 hours of "DDoS attack success rate per day," with a total cost to the targeted organizations in the neighborhood of $2,467,114,300.

This week, the group recalculated their estimation based on the latest traffic figures available for the video, and determined the attacks would continue another 166 days in total over the course of about 55 weeks, and estimated the targeted organizations would lose about $2,469,200,400 as a result.

Here's the rub: Clips from the video were first uploaded to YouTube in July of 2012, and they created quite a stir, especially after the film was tied to violent uprisings and protests in the Middle East last September, about the same time Izz ad-Din al-Qassam Cyber Fighters began their attacks on the bank websites. But since that time, the mainstream media for the most part has only made mention of the film in relation to the continued DDoS attacks and speculation that the Iranian government may be orchestrating the whole operation, or that it may actually be a diversion initiated by cybercriminals seeking to distract the banks while they pilfer accounts.

But for the continued denial of service attacks, the film may have simply faded into history and not garnered another 22,572 views over the last week (per the five links used in the group's calculations). Perhaps the Izz ad-Din al-Qassam Cyber Fighters should ask themselves whether their continued attacks on financial organizations are actually promoting the film they seek to discredit and have banned.

Even if a flood of "dislikes" on the video were to be registered, or the five URLs they are monitoring were removed, the group has stated that they would find more instances where the film has been posted to use in their calculations, as they noted several times that URLs with "less than 1,000,000 [views] are omitted for now" from their calculations, "but may be considered when those major ones are removed from YouTube."

Outright removal of the video from the Internet is unlikely to happen in a free society, and based on the group's own reasoning and the actions which keep the film in the headlines, they have created a circumstance where the attacks could continue in perpetuity. Let's just hope they lose interest and give up the game.

Regardless of the logic, or lack thereof, behind Operation Ababil, DDoS attacks in general will continue to be a popular tactic due to their relative simplicity, the low cost of conducting them, and the large number of potential targets. Any and every organization with a presence on the Internet could find itself a target of a denial of service attack.

Organizations concerned about their potential exposure to DDoS attacks are encouraged to take a free DDoS preparedness assessment test which provides a customized evaluation and recommendations for mitigation. The DDoS assessment can be conducted in a matter of minutes by following the instructions here: DDoS Preparedness Test.
