Financial Sector Sees 22% YoY Rise in DDoS Attacks, Warns FS-ISAC Report

It is now easier to carry out a DDoS attack and banks are taking notice.

Distributed Denial of Service (DDoS) attacks have recently been a growing concern for the financial sector.

A Bloomberg report points out that DDoS attacks targeting financial institutions have increased 22% year over year as of November 2022, according to a report by the Financial Services Information Sharing and Analysis Center (FS-ISAC).

The rise is particularly pronounced in Europe, where financial services saw a 73% increase in DDoS attacks. In Europe, 50% of all DDoS attacks were aimed at financial services.

These attacks, which slow or disable websites by overwhelming them with traffic from a botnet of connected devices, are attributed mainly to protesting hacktivists and financially motivated actors.

A Growing Concern for DDoS Attacks

DDoS attacks can also serve as a decoy for other malicious activities, such as malware or espionage. The recent increase in the volume and intensity of these attacks has raised key business risks such as operational disruption, reputational damage, compliance, and supply chain risks.

DDoS attacks have been used for political aims in recent years, targeting those who took sides in geopolitical hotspots such as Ukraine, China, and Taiwan.

A group aligned with Russian interests, Killnet, has conducted a campaign of DDoS attacks on businesses, governments, and airports over the past year.

In late January, Killnet claimed responsibility for a DDoS attack in Germany that targeted airport websites, the financial sector, and federal and state authorities. The attack was mainly fended off and did not cause serious consequences.

A coordinated denial-of-service attack led by the same pro-Russian hacker group rendered some major U.S. airports' websites inaccessible last October 2022. Fortunately, officials reported that the attack had no impact on flights.

The FS-ISAC report also stated that the speed at which DDoS attacks reach their peak and the duration of the peak is also increasing, leaving less time for firms to mitigate. Attack types are becoming more varied, complex, and sophisticated, including hardware, DNS infrastructure, and web server attacks.

Bracing for Future Attacks

The rise in DDoS attacks can be linked to the growing number of devices that can connect to the internet. These devices are often not very secure, so they can be used as botnets to strengthen attacks.

DDoS attacks are now readily available to all through the as-a-Service (aaS) model, where threat actors offer their services for hire on the Dark Web. The Internet of Things (IoT) has also provided an abundance of poorly secured devices that can be used as botnets.

The increasing ease and availability of botnet infrastructure and amplification techniques have commodified DDoS attacks. The intensity of these attacks is also rising, with peak volumes reaching 700 GB/s in 2022, requiring more resources to combat them.

Teresa Walsh, FS-ISAC's global head of intelligence, stated that DDoS attacks are here to stay. Boaz Gelbord, Chief of Security at Akamai Technologies, which worked with FS-ISAC on the report, noted that DDoS attacks are a favorite tool of hacktivist groups because they can cause a significant impact when services commonly used by the public become unavailable.

Stay posted here at Tech Times.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics