May 01, 2013

DDoS attacks on U.S. institutions to continue

May 1, 2013 – The FBI says there have been more than 200 distributed-denial-of-service attacks on 46 U.S. banking institutions as of April 10 using high-bandwidth servers having vulnerable content management systems, according to a report Tuesday, and the attacks are expected to grow.

This is according to a "flash report" on the botnet Brobot, which the news report says is used by the hactivist group Izz ad-Din al-Qassam Cyber Fighters. The report quotes the FBI stating that the scripts for this botnet are changing "as attackers perfect their techniques."

The 200 attacks noted above are counted from the time of the hactivist's group's announcement of its first phase of attacks in September. The report says the group is now in its third phase of such attacks and quotes experts saying these are expanding to include more organizations.

The FS-ISAC, formed in 1999 by the financial services sector, disseminates physical and cyber threat alerts and related information to member organizations. NAFCU maintains regular communication with the cybersecurity community, including the FS-ISAC and external firms that provide DDoS mitigation assistance. Cyveillance, a NAFCU Services preferred partner, addresses DDoS and other online threats in a series of blog posts, podcasts and white papers published on this website.

The FS-ISAC is holding a free workshop on emerging threats for its members May 7, and today is the registration deadline. The workshop is for cyber-incident response executives, or individuals that have risk and threat management responsibilities at financial institutions.