Cyber Attacks on U.S. Banks Expose Vulnerabilities

Sep 28, 2012

The assault, which escalated this week, was the subject of closed-door White House meetings in the past few days, according to a private-security specialist who asked not to be identified because he's helping to trace the attacks.

"They had already declared they would hit these banks at these times, and still we are seeing that these banks are not able to handle these DDoS attacks," Mushtaq said. "It's clear that the current infrastructure under the control of these banks is not good enough."

Superficially, these are just DDoS attacks. Nothing sophisticated (at least as reported). What makes these attacks interesting is their scale – 10 to 20 times more traffic than a typical DDoS attack. Large institutions with great financial incentives to prevent DDoS attacks failed to prevent the disruption. This has gotten the attention of the White House.

It will be interesting to find out exactly what has changed to allow this increased traffic intensity. Is it that bigger computers with bigger pipes (e.g., servers instead of home PCs) are being integrated into botnets? There are companies that provide DDoS protection. Can they handle the new traffic levels, or will new strategies need to be developed? Will this mark a new chapter in cyber attacks?

