Newsroom
August 02, 2015
Hackers using DDoS threat to extort money from financial institutions
MarketWatch reported Friday that hackers are using the threat of a distributed denial of service (DDoS) attack to extort money from large banks and financial services companies.
Richard Jacobs, assistant special agent in charge of the cyber branch at the FBI's New York office, was quoted as saying that more than 100 companies, including big banks and brokerages, have received DDoS threats since about April.
Jacobs said in the article that the ransom requests typically run in the tens of thousands of dollars and that in some cases the companies have paid.
MarketWatch reported that a DDoS outage could mean losses of more than $100,000 an hour for financial companies.
In the article, Jacobs said the FBI does not advise firms as to whether they should pay a ransom or let their websites go down. In January, a Swiss bank refused to pay a $12,000 ransom, and hackers released information on about 30,000 of its clients.
DDoS attacks are on the rise at financial institutions, according to the June issue of The NCUA Report, which reported an increase of 117 percent in the first quarter compared to last year. NCUA cited research from cloud-services firm Akamai and noted that financial institutions were the target of 8.4 percent of DDoS attacks in the first quarter.
NCUA has urged credit unions to know the signs of a DDoS attack and to take precautions. In addition, the Federal Financial Institutions Examination Council has issued risk-mitigation information and requirements concerning DDoS attacks.
Richard Jacobs, assistant special agent in charge of the cyber branch at the FBI's New York office, was quoted as saying that more than 100 companies, including big banks and brokerages, have received DDoS threats since about April.
Jacobs said in the article that the ransom requests typically run in the tens of thousands of dollars and that in some cases the companies have paid.
MarketWatch reported that a DDoS outage could mean losses of more than $100,000 an hour for financial companies.
In the article, Jacobs said the FBI does not advise firms as to whether they should pay a ransom or let their websites go down. In January, a Swiss bank refused to pay a $12,000 ransom, and hackers released information on about 30,000 of its clients.
DDoS attacks are on the rise at financial institutions, according to the June issue of The NCUA Report, which reported an increase of 117 percent in the first quarter compared to last year. NCUA cited research from cloud-services firm Akamai and noted that financial institutions were the target of 8.4 percent of DDoS attacks in the first quarter.
NCUA has urged credit unions to know the signs of a DDoS attack and to take precautions. In addition, the Federal Financial Institutions Examination Council has issued risk-mitigation information and requirements concerning DDoS attacks.
Share This
Related Resources
Add to Calendar 2024-05-03 14:00:00 2024-05-03 14:00:00 Plan Sponsor Attitudes Toward Retirement Plan Management and Fiduciary Outsourcing About the Webinar In January 2024, Pentegra conducted a survey of retirement plan sponsors and their perspectives on retirement plan management and fiduciary outsourcing. The survey measured how sponsors are using fiduciary outsourcing to help better manage their retirement plans. It also captured their perspectives on what outsourcing does to help them better position their plans and drive improved retirement plan outcomes. Key Takeaways: What is the full scope of your responsibilities as a plan sponsor? What is fiduciary outsourcing and how does it work? How does fiduciary outsourcing help reduce workloads and minimize risk? How can a credit union best position its plan to drive improved outcomes? Register Here Web NAFCU digital@nafcu.org America/New_York public
Plan Sponsor Attitudes Toward Retirement Plan Management and Fiduciary Outsourcing
preferred partner
Pentegra
Webinar
Turning Lemons into Lemonade: Capitalizing in a Post-Banking Crisis Era
Strategy
preferred partner
Allied Solutions
Blog Post
Ensuring Safety and Soundness with AI
Management, Consumer Lending, FinTech
preferred partner
Upstart
Blog Post
Add to Calendar 2024-05-02 14:00:00 2024-05-02 14:00:00 Mastering Resilience in Incident Response Plans About the Webinar An Incident Response (IR) plan is crucial for guiding credit unions through major incidents efficiently and effectively. However, many IR plans lack resilience, making them less adaptable to the evolving threat landscape. Join us for our webinar Mastering Resilience in Incident Response Plans where DefenseStorm cyber experts Elizabeth Houser and James Bruhl will delve into the importance of resiliency within cybersecurity IR plans. Don’t miss out on the opportunity to learn how to: Ensure IR plan accessibility so that all team members with assigned roles are prepared for effective incident response. Conduct efficient and regular reviews to ensure roles and responsibilities are current, tools are relevant, and compliance requirements are met. Implement and utilize tabletops to regularly test the effectiveness of your IR plan. Enhance preparedness, efficiency, and confidence among responders. View On-Demand Web NAFCU digital@nafcu.org America/New_York public
Mastering Resilience in Incident Response Plans
preferred partner
DefenseStorm
Webinar
Get daily updates.
Subscribe to NAFCU today.