Visitors Now:
Total Visits:
Total Stories:
Profile image
By Ye Olde False Flag
Contributor profile | More stories
Story Views

Now:
Last Hour:
Last 24 Hours:
Total:

Major banks hit with biggest cyberattacks in history

Thursday, December 13, 2012 13:41
% of readers think this story is Fact. Add your two cents.

(Before It's News)

There’s a good chance your bank’s website was attacked over the past week.
Since Sept. 19, the websites of Bank of America (BAC, Fortune 500), JPMorgan Chase (JPM, Fortune 500), Wells Fargo (WFC, Fortune 500), U.S. Bank (USB, Fortune 500) and PNC Bank have all suffered day-long slowdowns and been sporadically unreachable for many customers.

The attackers, who took aim at Bank of America first, went after their targets in sequence. Thursday’s victim, PNC’s website, was inaccessible at the time this article was published.

Security experts say the outages stem from one of the biggest cyberattacks they’ve ever seen. These “denial of service” attacks — huge amounts of traffic directed at a website to make it crash — were the largest ever recorded by a wide margin, according to two researchers.

Banks get hit by cyberattackers all the time and typically have some of the best defenses against them. This time, they were outgunned.

“The volume of traffic sent to these sites is frankly unprecedented,” said Dmitri Alperovitch, co-founder of CrowdStrike, a security firm that has been investigating the attacks. “It’s 10 to 20 times the volume that we normally see, and twice the previous record for a denial of service attack.”

To carry out the cyberattacks, the attackers got hold of thousands of high-powered application servers and pointed them all at the targeted banks. That overwhelmed Bank of America and Chase’s Web servers on Sept. 19, Wells Fargo and U.S. Bank on Wednesday and PNC on Thursday. Fred Solomon, a spokesman for PNC, confirmed that a high volume of traffic on Thursday was affecting users’ ability to access the website, but he declined to go into more detail.

Denial of service attacks are an effective but unsophisticated tool that doesn’t involve any actual hacking. No data was stolen from the banks, and their transactional systems — like their ATM networks — remained unaffected. The aim of the attacks was simply to temporarily knock down the banks’ public-facing websites.

To get hold of all the servers necessary to launch such huge attacks, the organizers needed to plan for months, Alperovitch said. The servers had to be compromised and linked together into a network called a “botnet.”

That level of pre-planning is a deviation from the kinds of denial of service attacks launched at banks in the past by so-called “hacktivists.” Typically, hacktivists use home PCs infected with malware to amass their botnets. Attacks on this scale would be impossible to carry out with home PCs — users too frequently turn them off or disconnect them from the Internet.

http://money.cnn.com/2012/09/27/technolo…index.html



Source:

Report abuse

Comments

Your Comments
Question Razz Sad Evil Exclaim Smile Redface Biggrin Surprised Eek Confused Cool LOL Mad Twisted Rolleyes Wink Idea Arrow Neutral Cry Mr. Green

Top Stories
Recent Stories

Register

Newsletter

Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.