In recent months, there have been much publicized reports of some of the larger US banks being targets of DDoS, or distributed denial of service attacks. These attacks, which in effect take the victim’s online presence…well, offline, have been attributed to various groups, from the Anonymous “hacktivist” group, to ticked-off former employees, to foreign nation-states.
On Tuesday, February 12, 2013, the group calling themselves the “Izz ad-Din al-Qasam Cyber Fighters” posted a warning to Pastbin that, though they had suspended their attack on US-based financial institutions in response to Google-owned YouTube pulling the original copy of a movie they found insulting to the Muslim prophet, Mohammed, they would resume “Operation Ababil” if copies of said video were not also removed. You may recall that this is the same group accused by “unnamed sources” in the US Cyber Command of being a cover for Iranian government cyber forces. This morning, they issued another warning, echoing last week’s, that time is running out. Their last round of DDoS attacks resulted in the customers of Bank of America, PNC, Wells Fargo, JP Morgan Chase, US Bancorp, and several others being unable to access their accounts through the web.
The cost of these attacks is difficult to quantify. How many of those attempted customer visits would have resulted in a profitable transaction for the bank? How has the inability to conduct business with the bank influenced those customers to lose faith in the banks’ ability to not only perform everyday business, but to protect the customers’ assets? And, perhaps the most interesting question, at least to me, what else may have been going on behind the scenes while the banks’ information security resources were running around distracted from their normal activities by trying to mitigate the DDoS attacks?