The hacktivist group Izz ad-Din al-Qassam Cyber Fighters claims that its second phase of distributed-denial-of-service attacks has affected nine banks since Dec. 11, and it warns more attacks are on the way.
Hacktivists on Christmas Day announced new plans for more DDoS attacks against U.S. banks, and it appears Citi was among the first hit, although the attackers named no specific targets in their latest threat.
PNC and Wells Fargo both reported only minor disruption from online traffic surges on Dec. 20. Has the strength of DDoS attacks subsided, or are banks getting better at defending against these strikes?
Hacktivists announced Dec. 18 that they planned yet another round of distributed-denial-of-service attacks against five U.S. banks. Wells Fargo confirmed its online banking site experienced outages throughout the day.
A day after Izz ad-Din al-Qassam Cyber Fighters announced plans for a second wave of DDoS attacks, SunTrust, Bank of America and PNC experienced intermittent site issues, and U.S. Bank acknowledged the new threat.
Leaders at four security technology companies say the recent distributed-denial-of-service attacks against 10 U.S. banks highlight the need for new approaches to preventing and responding to online outages.
Download the transcript of this interview in PDF format (sponsored by Corero Network Security)
As DDoS attacks on banks continue, institutions can take immediate steps to lessen the impact on customer experience and reduce fraud risks. Jason Malo of CEB TowerGroup offers insight.
When it comes to fighting DDoS attacks, institutions must understand the threats against them, says Bill Wansley of Booz Allen Hamilton. Varying attack vectors require different modes of detection and prevention.
The hacktivist group known as Izz ad-Din al-Qassam apparently made good on its promise to take down Capital One's online presence. So what does this latest in a series of DDoS attacks mean for other banks?
A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day the company determined its computers were not breached.