Cyberattacks Added Frequency, Firepower in 2012: Report

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+
Partner Insights

Cyberattackers are boosting the frequency and firepower of their assaults as well as shifting tactics to avoid detection.

Attacks designed to slow companies' websites rose 19% in the fourth quarter of 2012, compared with a year earlier, Prolexic, a digital security firm, said in a report published Thursday.

So-called denial of service attacks consumed roughly 13.5% more processing power than they did in the fourth quarter of 2012, as attackers used a toolkit called itsoknoproblembro to create malicious software that can commandeer armies of servers that can flood companies' websites with a digital tsunami.

"2012 demonstrated a remarkable evolution within the world of DDoS activity," Prolexic staff wrote, referring to distributed denial of service attacks. "Over the 12-month period, large attacks targeted the financial services, e-commerce, [software as a service], and energy sectors as well as government organizations and even specific [internet service providers]."

The report added that "the paradigm shifted with the emergence of the itsoknoproblembro" malware, which "allowed for effective and automated reconnaissance, exploitation, infection and attack management."

The findings come amid a series of cyberattacks since last fall that have swamped websites and inconvenienced customers of the nation's biggest banks. On Tuesday, BB&T weathered the third assault on its website since September.

Some big banks reportedly have turned to U.S. intelligence officials for information about the attacks and advice on how to protect computer systems.

The report finds that attackers refined itsoknoproblembro throughout 2012 as they sought to boost the malware's effectiveness and to avoid detection.

According to Prolexic, most attacks that used itsoknoproblembro in the fourth quarter are believed to have originated in China as a result of the number of vulnerable servers and workstations located in the country. A majority of the remaining traffic is thought to have come from machines in Eastern Europe and throughout the rest of Asia.

Though website owners can defend against the attacks by either filtering traffic to their sites or disabling the attacking software, the latest forms of malware can themselves become servers. "This means that for practical reasons the individual bots themselves must ultimately be identified and removed," Prolexic wrote.

JOIN THE DISCUSSION

SEE MORE IN

'Dodd-Frank Is Like the TSA': Comments of the Week
American Banker readers share their views on the most pressing banking topics of the week. Comments are excerpted from reader response sections of AmericanBanker.com articles and from our social media platforms.

(Image: iStock)

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Already a subscriber? Log in here
Please note you must now log in with your email address and password.