<img alt="" src="https://secure.leadforensics.com/89462.png" style="display:none;">

Nexusguard Blog

Cybersecurity best practices and DDoS defence strategies

Latest Stories

Featured Stories

Blog Home
Dominic Li
By
July 24, 2018

Protect Against DDOS Attacks in the Financial Sector

Over this half year, DDoS attacks have been endangering different industries. They were allegedly inflicted on the Pyongyang 2018 Winter Olympics' website as well as on the website of Russia central election commission. Also among the victims was the online game network of Final Fantasy. The online services of two Dutch banks and crytocurrency-related industries were also targeted, to name but a few.

 

There were a lot of conjectures in the media about the motives behind the DDoS attacks. Perpetrators launched a retaliatory attack against the International Olympic Committee after several Russian athletes failed their dope tests. Rival countries and Russia’s fabrication were to blame for the incidents of Russia central election’s website.

 

Why Final Fantasy was targeted is still unclear. The barrage of attacks led to hours of downtime during which the number of visitors dropped alarmingly.

 

Perpetrators like to chase where the money is. It thus makes sense that the money-littered financial sectors, like the Dutch banks, were much more attack-prone. Attacks render the victims’ services inaccessible to users with huge attacks. The reasons can be the usual ones like ransom and blackmail. Of far greater concern is reputational damage and financial losses, in areas like staffing, training and compensation.

 

Worse still, the loss of business opportunities and contracts may be connected to such attacks. With the popular use of online banking as well as the thriving market of e-money, such incidents involving the astronomical losses will bring an epidemic of DDoS attacks to the forefront of international attention.

 

DDoS Attacks to Wreak Havoc in Global Financial Sector

Just around the end of May, a wave of DDoS attacks allegedly hit two Dutch banks, ABN Amro and Rabobank. Their websites went down which meant that customers could not access internet banking, mobile banking and various e-services. In fact, this was not the first time both these banks fell victims to such attacks. As early as January this year, both of them and ING, were reportedly hit by a string of attacks, disabling online banking for an hour. A cross-sector collaboration was suggested in order to defend attacks.

 

To Free Institutes from DDoS Attacks As Top Priority

The stories about such incidents in financial sectors have yet again demonstrated that their online services are their Achilles’ heels. As the attack size is on the rise, like those recorded with sizes of over hundreds of gigabytes per or even terabytes per second, it now appears the attack size has far outstripped the possible defensibility of the enterprise itself.

 

A massive attack is exactly the one having more than enough size overwhelm the enterprise-manageable bandwidth.

 

By saturating the capacity of victim’s bandwidth, perpetrators make enterprises take the brunt of an overwhelming size of attacks. Additional bandwidth now seems to be a plausible solution; however, enterprises find it futile to handle such immense amounts of attack traffic. (As we said, hundreds gigabyte or even terabytes per second)

 

Recommendation

The common DDoS protection solutions remain effective provided that the attacks themselves are not sizable enough to overwhelm the physical size of the internet connection or even the performance capacity of the hardware. The present-day attack sizes exceeding hundreds of gigabytes per second is not as yet such a commonplace that the limited numbers of Communication Service Provider (CSP) are well equipped with attack-bearable capacity of bandwidth and attack-designed hardware. As such, a feasible practice for institutes goes to the rerouting of the traffic to an external protection party that enables to filter the malicious traffic, ensuring that all-weather accessibility can be maintained even in the course of being bludgeoned by colossal DDoS attacks.

 

In addition, the enterprise-hosted DNS servers are also exposed to such attacks, causing worrying service downtime and, worse still, forwarding the amplified attacks to others.

 

Conclusion

The attraction of financial institutes as a lucrative attack target is preoccupying perpetrators. The online systems of banks paralyzed,unavailable to provide services, was an example. With the burgeoning cryptocurrency-related business in recent years, the surge in these crimes also marks a new high in the cyberworld. Countless users transact online and trade an enormous amount of money every second, a fact regarded as a desirable darling for perpetrators to exploit.

 

Despite providing various services such as bandwidth, DNS services and website hosting, the susceptibility to DDoS attacks hinges on the maturity of and the advance in the protection platform of CSP. Situated on the security bridgehead of the institutes, CSP is supposed to strategize against any potential threat directed towards them. Be that as it may, CSP might not well handle the potentially deadly attacks targeted at the institutes.

 

Looking forward, we predict that the financial sector will face a new challenge from DDoS attacks, with an ascent of a novel form of banks ─ virtual banks as well as the growing use and the resulting wild speculation of the new age money ─ electronic money and cryptocurrency.

 

We believe that the increasing engagement of electronic money and cryptocurrency in the financial sector will aggravate more rampant DDoS attacks. Security analysts must always be on the lookout for tell-tale signs.

Perpetrators like to chase where the money is. It thus makes sense that the money-littered financial sectors, like the Dutch banks, were much more attack-prone. Attacks render the victims’ services inaccessible to users with huge attacks. The reasons can be the usual ones like ransom and blackmail.

Comments Form: