Cyberattacks Added Frequency, Firepower in 2012: Report

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+

Cyberattackers are boosting the frequency and firepower of their assaults as well as shifting tactics to avoid detection.

Attacks designed to slow companies' websites rose 19% in the fourth quarter of 2012, compared with a year earlier, Prolexic, a digital security firm, said in a report published Thursday.

So-called denial of service attacks consumed roughly 13.5% more processing power than they did in the fourth quarter of 2012, as attackers used a toolkit called itsoknoproblembro to create malicious software that can commandeer armies of servers that can flood companies' websites with a digital tsunami.

"2012 demonstrated a remarkable evolution within the world of DDoS activity," Prolexic staff wrote, referring to distributed denial of service attacks. "Over the 12-month period, large attacks targeted the financial services, e-commerce, [software as a service], and energy sectors as well as government organizations and even specific [internet service providers]."

The report added that "the paradigm shifted with the emergence of the itsoknoproblembro" malware, which "allowed for effective and automated reconnaissance, exploitation, infection and attack management."

The findings come amid a series of cyberattacks since last fall that have swamped websites and inconvenienced customers of the nation's biggest banks. On Tuesday, BB&T weathered the third assault on its website since September.

Some big banks reportedly have turned to U.S. intelligence officials for information about the attacks and advice on how to protect computer systems.

The report finds that attackers refined itsoknoproblembro throughout 2012 as they sought to boost the malware's effectiveness and to avoid detection.

According to Prolexic, most attacks that used itsoknoproblembro in the fourth quarter are believed to have originated in China as a result of the number of vulnerable servers and workstations located in the country. A majority of the remaining traffic is thought to have come from machines in Eastern Europe and throughout the rest of Asia.

Though website owners can defend against the attacks by either filtering traffic to their sites or disabling the attacking software, the latest forms of malware can themselves become servers. "This means that for practical reasons the individual bots themselves must ultimately be identified and removed," Prolexic wrote.

JOIN THE DISCUSSION

SEE MORE IN

'We Don't Want to Wage this Proxy Contest in the Gutter': Week's Best Quotes

The most notable quotes from American Banker stories of the previous week. Readers are encouraged to add their own observations in the Comments fields at the bottom of each slide.

(Image: Fotolia)

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.

The FinTech 100

FIS and Tata once again top the annual FinTech 100 list of vendors, ranked by revenue; IBM and Hewlett-Packard lead the pack of tech companies serving multiple industries; and Bionym and Silver Tail are among the 10 Tech Companies to Watch.
DAILY ENEWSLETTER UPDATE

A Newsletter featuring Bank Technology News' top stories plus special reports and data

This feature displays payments industry news and analysis from American Banker sibling brand PaymentsSource. Registration is required; for more information contact customer service.

TWITTER
FACEBOOK
LINKEDIN
Already a subscriber? Log in here
Please note you must now log in with your email address and password.