What are DDoS Attacks?

Jeff Miles, VP / Information Services Manager, Scott Valley Bank

What are DDoS Attacks?

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, such attacks generally consist of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

The two most common motives that I have seen for orchestrating DDoS attacks in the financial industry are to achieve a political goal or to divert attention away from an attempted fraud event.

Political attacks are generally aimed at larger financial institutions with the intent of causing a disruption of service to gain attention to their cause. The hactivist group Izz ad-Din al-Qassam Cyber Fighters recently launched its phase four DDoS attacks targeting large banks in the U.S. This group has been attacking banks and other financial industry websites off and on since September 2012 with some success at disrupting websites for periods of time.

The DDoS attacks that are intended as a distraction to a fraud event are far too common in my opinion and get far less attention than the political attacks.

How do the fraud scams typically work?

The fraudsters typically target a bank client that has an Automated Clearing House (ACH) or Wire transfer facility available to them online. Once they have compromised the client’s online banking access they launch a DDoS attack on a bank’s website to distract from the cyber heist that they are performing against the bank’s client at the same time. Funds are then sent out via ACH or Wire transfer as if they were authorized by the client. By the time the theft is discovered it is usually too late to recover any of the funds.

What are the banks doing to protect their customers?

The financial industry is learning new ways to mitigate DDoS attacks through technology; you should see that the attacks are becoming less successful all the time. To protect clients against cyber heists, many banks are requiring multi-factor authentication, out-of-band authentication for high-risk transactions, and performing behavioral analytics to determine if a transaction is normal for a particular client before processing it. These are just a few of the techniques in use to mitigate risk against fraud and I believe you will see more banks requiring stronger security in order to safeguard the online banking channel.

What can you do to help protect yourself?

I recommend that you explore your bank’s online banking capabilities to determine what they have to help you secure your online access. Many systems have alerts that are very helpful in detecting fraudulent access to your accounts. Be sure you understand these alerts and have them turned on. I have mine setup to alert me via SMS text message and e-mail every time a successful login occurs. Should I receive an alert when I am not using the system, I will immediately be alerted that there is a problem. For users with ACH and/or Wire transfer facilities, I recommend turning on a lot more security if it is available. If at all feasible, dedicate a device for conducting your Internet Banking that does not utilize the Internet or e-mail for any other purposes. This will reduce the risk of the device being compromised. I recommend setting up dual approval for ACH and Wire transactions. I would see if alerts are available to alert you when a new payee is added to the system. I would recommend a login that requires the use of a security token or mobile application to authenticate to the system. Turn on as much security as you can tolerate. The inconvenience of the added security far outweighs the risk of being a victim of a cyber attack that may have been prevented.

My intent with this article is to create awareness of what is going on in the cyberworld and not to create overwhelming fear. A little fear is a good thing as that comes with a new awareness. If you are diligent in utilizing the available security tools offered by the banking industry, the likelihood of your system being compromised is greatly reduced. I read about cybercrime almost on a daily basis and almost all of the Internet Banking heists I have read about could have been prevented if the clients used the security tools available to them.

View Happy Thanksgiving from Scott Valley Bank - The VAULT - Nov. 2013