Ponemon Study Provides Insight on Financial Sector DDoS Attacks

Anthony Freed
By | January 23, 2013

Posted in: Banking DDoS Protection

Distributed Denial of Service (DDoS) attacks against the financial sector continue to dominate headlines weekly, as hacktivists and criminal syndicates repeatedly target the websites of major organizations. A new study sponsored by Corero and conducted by the Ponemon Institute provides insight into how prepared financial institutions are for the onslaught of attacks that are expected to increase in frequency and duration throughout 2013.

The report, titled A Study of Retail Banks & DDoS Attacks, surveyed 650 security practitioners from 351 banks of various sizes, and revealed that two-thirds of respondents indicated they were the target of a DDoS attack over the course of the last year, and almost half said they experienced multiple attacks. On average, it is estimated that banks experienced 2.8 DDoS attacks in a 12 month period, similar to those experienced by U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group, SunTrust, HSBC, Ally Bank, BB&T, Wells Fargo and Capital One.

"However, DDoS attacks are not limited to the large national banks. Smaller retail banking institutions that might not have the necessary defenses in place are expected to be targeted in the coming months," the report noted.

The study reveals that institutions are more confident in their ability to detect DDoS attacks at their onset, with 43% of respondents rating their organization’s ability to identify a DDoS attack as being either effective or very effective, and 37% having the same level of confidence they are prepared to defend against them. In contrast, about 20% do not believe their organization is capable of effectively detect a denial of service attack, and 23% felt they are not equipped to prevent an attack.

Diminished productivity for the bank’s IT staff was rated as the worst consequence of a DDoS attack, followed by damage to the organization's reputation, loss of productivity for end users, revenue losses, and compliance violations.Theft of data and outright damage to systems were ranked as the least troublesome consequences.

DDoS attacks are so prevalent in the financial sector, the threat was rated second only to the risks posed by zero-day attacks. Social engineering and phishing campaigns, followed by web-based attacks, malware exposure, and threats from malicious insiders also topped the list.

The lack of personnel and in-house expertise was cited by 26% of respondents as being the most critical factor in the bank's inability to effectively prepare for and respond to DDoS attacks, followed by insufficient technologies at 24%, and budget constraints at 15%.

Traditional firewall utilities were ranked as the number one technology employed to defend against DDoS attacks, followed by on-premises anti-DDoS tools. "Despite recognition that the threat is not abating, only 30 percent are planning to purchase an anti-DDoS technology in the next 6 to 12 months," the report noted.

“Many Organizations assume traditional firewalls can provide protection against DDoS and Zero-Day exploits at the perimeter, yet this is not what they were designed to do and therefore attacks are still getting through,” said Marty Meyer, President of Corero.

“Organizations need to add First Line of Defense solutions that can provide this protection and are able to remove all of the ‘noise’ at the perimeter before it hits the network so that firewalls and servers can optimally work on the functions they were originally designed for,” Meyer recommended.

The full report from Ponemon and Corero is available here:

You May Also Be Interested In: