Distributed-denial-of-service attacks (DDoS) and threats posed by hacktivists was a hot topic at Dallas’ recent Fraud and Data Breach Prevention and Response Summit.
During his keynote address, retired U.S. Air Force General Dr. Dale Meyerrose noted that 90 percent of all cyberattacks involve DDoS – which, along with being an attack in and of itself, is sometimes used as a distraction to mask another attack taking place in the background (such as account takeover).
DDoS attacks waged on banks between the fall of 2012 and spring of 2013 by one hacktivist group constituted the longest-running cyberattack campaign ever recorded against the financial sector – the sole purpose of which was to disrupt online financial services, not perpetrate fraud or extort banks for money.
These attacks became the catalyst for more collaborating and information sharing between U.S. banking institutions and the government – quelling later attacks by the group. Many banks, however, lack adequate defenses – and banks and credit unions have the potential to lose $100,000 per hour because of downtime and possible fraud during a DDoS attack.
Hacktivists are increasingly waging DDoS attacks to mask more nefarious deeds, such as the theft of intellectual property and business secrets – with the purpose of stealing this information to blackmail companies in the future.