What Bank Executives Need to Know about DDoS Protection

The hacktivist collective called Anonymous has brought cybersecurity to the forefront again, as it continues to strike at some of the world’s leading banks and financial organizations with its OpIcarus distributed denial of service (DDoS) attack campaign. Last week Anonymous shut down the London Stock Exchange for two hours.

Coincidentally during the same week, HelpNetSecurity published an article that highlighted a troubling statistic: “1 in 10 banking CEOs don’t know if they’ve been hacked.” The statistic came from a KPMG study of 100 banking executives. The farther down the management chain, the greater the lack of awareness, according to that article:

“Approximately 47 percent of banking executive vice presidents and managing directors reported that they didn’t know if their bank had been hacked, and 72 percent of senior vice presidents and directors stated that they didn’t know.”

The statistics above suggest that banking executives are not inclined to share information about cyber incidents with all their senior staff. That may be understandable if not all staff are on a “need to know” basis for security breaches.

Banks Need DDoS Protection

Regardless, banks and other financial institutions can ill-afford to be laggards when it comes to implementing cybersecurity measures. First of all, it’s important for a bank system to maintain uptime, because many bank transactions are time-sensitive. Second, account security is of utmost importance; theft of sensitive data is unacceptable. Third, a cyberattack incurs high IT and legal costs related to damage control after the incident. It’s plain to see that cybersecurity is a bottom-line issue because breaches lead to loss of revenue and customer trust.

DDoS attacks are perhaps the most obvious cyber threats that banks face. People often associate a DDoS attack with a complete network shutdown, but what should scare bank executives even more is the possibility of a low-threshold, Dark DDoS attack. Corero research found that 93% of all DDoS attacks were under 1 Gbps, 95% lasted less than 30 minutes, and 71% of them lasted less than 5 minutes. These statistics indicate that the goal of hackers is not always to cripple a website and make headlines (like Anonymous usually does).

Advanced Persistent Threats (APT)

Cyber criminals increasingly deploy low-threshold attacks because they are small enough to evade the radar of IT staff and traditional DDoS scrubbing solutions. Dark DDoS attacks distract IT staff while the hackers map a network to find its vulnerabilities, and then launch dangerous malware on the network. Corero COO Dave Larson notes,

“If you can create a pathway through an enterprise's network using DDoS — even if it's a few minutes — that's enough time, and once they've done that, they can embed an advanced persistent threat (APT: essentially the enterprise version of a botnet) that sits there quietly on the server until the bad guys want to use it.”

The hackers can then leak critical information out of a network, such as credit card info or keystrokes, without anyone noticing.

Many companies rely on a firewall or intrusion prevention system (IPS) for protection, but both are rendered useless in the face of a DDoS attack. The only way to stop DDoS attacks is to have an always-on, inline, and automated network threat defense appliance that blocks DDoS traffic at the edge of the network. Without adequate DDoS protection in place, banks could be pouring money down the drain.

If you’d like to learn about how Corero can protect your organization from DDoS attacks, contact us!