DDoS Threats to Banks: Is Cloud-Based Security the Solution?
FREMONT, CA: Politically motivated hactivists are emerging as a new security threat alongside traditional hackers looking for financial gain. Distributed Denial of Service (DDoS), attack is one in which a large number of compromised systems attack a single target by flooding its bandwidth, thereby causing services to be denied for the users of the targeted system. The nature and scale of the DDoS attacks have changed a great deal. Ovum reports that global analysts indicate that banks will be caught between DDoS attacks from hacktivists.
According to Rik Turner, Senior Analyst, Financial Services Technology, Ovum, says that, “DDoS attacks have undergone significant evolution over the past year. They have grown larger, even while their individual duration has decreased.”
Attacks during Operation Ababil (a coordinated series of DDoS assaults on websites of US financial institutions launched in September 2012) are still the outliers rather than the norm. The availability of larger and cheaper botnets, Operation Ababil points in one direction that DDoS can go, while the other employs sophisticated technologies, such as headless browsers, which enable comparatively small attacks that are of a shorter duration. These assaults can go undetected and potentially wreak havoc on a bank's website. Another trend is to combine DDoS with other activities to throw banks off the trail of the financially motivated exploits. By using this along with an account hacking attack, the offenders hope to have more time to transfer funds and erase traces of their activities.
A multilayered approach is necessary for DDoS mitigation due to its increasing variation. A part of the bank’s infrastructure can address these attacks with filtering while the other part can address the volumetric attack through absorption tactics. Cloud-based security solutions, plays an important role in helping banks secure themselves against volumetric attacks.
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sergey Cherkasov, CIO, PhosAgro
By Pascal Becotte, MD-Global Supply Chain Practice for the...
By Stephen Caulfield, Executive Director, Global Field...
By Shamim Mohammad, SVP & CIO, CarMax
By Ronald Seymore, Managing Director, Enterprise Performance...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
By Jim Whitehurst, CEO, Red Hat
By Clark Golestani, EVP and CIO, Merck
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
By Amit Bahree, Executive, Global Technology and Innovation,...
By Greg Tacchetti, CIO, State Auto Insurance