Botnets, DDoS attacks as weapon against financial sector

DDOS attacks against the financial sector almost tripled during the first quarter of this year, according to DDoS mitigation specialist Prolexic. The firm also reported a 3,000 per cent quarter-on-quarter increase in malicious packet traffic targeted at the financial services sector, compared with the final quarter of 2011.

China leads the way as the country from where DDoS attacks originate, followed by the U.S., Russia, then India. Prolexic says "more than 10 of the worlds largest banks due to market capitalization," and "an almost threefold increase in the number of attacks against its financial services".

A distributed denial-of-service attack is one in which several compromised systems attack a single target, causing denial of service for legitimate users. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying service.

The average attack bandwidth rose from 5.2G bps (bits per second) in the last three months of 2011 to 6.1G bps in the first quarter of this year. But the average attack length of time dropped from 34 hours to 28.5 hours over the same periods, Prolexic said.

The bump in attacks on Wall Street firms may have something to do with, we’re going out on a limb here, the popularity of Occupy Wall Street with Anonymous and other hacktivists. The report comes in the wake of successful DDoS attacks on UK government sites over the weekend, with more promised in 2012 by hackers collective Anonymous.

Prolexic's DDoS attack trends report can be downloaded here (registration required)