
According to reports, some of the United States' biggest financial institutions, including Wells Fargo, JPMorgan Chase, Bank of America, Citigroup, and Bancorp, were hit last week by a series of cyber attacks, carried out by a group claiming Middle Eastern ties, that caused Internet blackouts and delays in online banking.

The banks suffered denial-of-service attacks, in which hackers barrage a website with traffic until it is overwhelmed and shuts down. Such attacks, while a nuisance, are not technically sophisticated and do not affect a company's computer network or, in this case, funds or customer bank accounts.

Hacktivists calling themselves "Mrt. Izz ad-Din al-Qassam Cyber Fighters" attacked Wells Fargo and posted on Pastebin that U.S. Bancorp and PNC Financial Services Group were next. The group said it had attacked the banks in retaliation for an anti-Islam video that mocks the Prophet Muhammad. It also pledged to continue to attack American credit and financial institutions daily, and possibly institutions in France, Israel and Britain, until the video is taken offline. The New York Stock Exchange and Nasdaq were also targeted.

Frustrated customers of Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC, who could not get access to their accounts or pay bills online, were upset because the banks had not explained clearly what was going on.

Representatives for other banks also confirmed that they had experienced slow Internet performance and intermittent downtime because of an unusually high volume of traffic. Security researchers said the attack methods were too basic to have taken so many US bank sites offline. The hackers appeared to be enlisting volunteers for the attacks with messages on various sites.

IT security professionals need to realize that attackers can damage a website without ever accessing the corporate servers: they hit the site hard without breaking in. A protective barrier in front of the site must be created and maintained.

Update: Prolexic Technologies said the distributed denial of service (DDoS) toolkit called itsoknoproblembro was used against some of the banks, including Wells Fargo, U.S. Bank, PNC Bank, Bank of America and JPMorgan Chase.

The attack signatures are extremely complex, and Prolexic has recorded sustained floods peaking at 70 Gbps and more than 30 million packets per second (pps) against some of its customers. Most mitigation providers would struggle to combat DDoS attacks with these characteristics.

The itsoknoproblembro toolkit includes multiple infrastructure and application-layer attack vectors, such as SYN floods, that can simultaneously attack multiple destination ports and targets, as well as ICMP, UDP and SSL-encrypted attack types.
