We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

DDoS attacks against US banks peaked at 60 Gbps

Banks are likely to be better protected against this wave of attacks, Arbor Networks researchers say

Some of the distributed denial-of-service (DDoS) attacks that targeted the websites of U.S. financial institutions this week have peaked at 60 Gbps, according to researchers from DDoS mitigation provider Arbor Networks.

A group calling itself "Izz ad-Din al-Qassam Cyber Fighters" launched a series of DDoS attacks against the websites of several U.S. banks during September and October, severely disrupting online and mobile banking services for extended periods of time. The group claimed that the attacks were in response to a controversial film trailer mocking the prophet Muhammad not being removed from YouTube.

On Dec. 10, the same group announced that a new wave of attacks would start this week and target U.S. Bancorp, JPMorgan Chase, Bank of America, PNC Financial Services Group and SunTrust Banks. In a post on Pastebin, the group said this second phase of the operation would involve more widespread attacks.

The attacks started on Tuesday and continued Wednesday and Thursday. "PNC and other banks have experienced an unusual volume of internet traffic," PNC Bank said Wednesday in a post on its Facebook page. "As a result, some customers may experience slowness or difficulty when logging into online and mobile banking."

On Thursday, the bank posted an update saying: "PNC is experiencing an unusual volume of internet traffic consistent with recent threats against U.S. banks. Access to pnc.com, online and mobile banking is slow as we work to resolve the issue."

"Some of this week's attacks have been as large as 60 Gbps," researchers from Arbor Networks said Tuesday in a blog post. The average rate for attacks in September was 1.67 Gbps, with a peak for that month of 63.3 Gbps, according to figures from Arbor.

That said, the attacks are not that much different from the ones in September and October, according to Dan Holden, head of Arbor's security engineering and response team. There are some changes in the tools being used, but they are not significant, he said.

The attackers are using a new version of a tool called Brobot -- one of the primary tools used in the first set of the attacks -- and the main addition seems to be a new attack method that uses specially crafted DNS packets. However, this is a known technique and from an Arbor standpoint, there should be no problem defending against it, Holden said.

He believes that in general the banks and their providers are better prepared to defend against DDoS attacks now than they were two months ago. Even if some of the websites are affected, it will be less so than it was in September and October, he said.


IDG UK Sites

Nexus 6 vs Sony Xperia Z3 comparison: Lollipop phablet takes on KitKat flagship smartphone

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Free rocket & space sounds: NASA launches archive of interstellar audio on SoundCloud

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests, beautiful...