Bankers Beware: DDoS Attacks Are On the Rise
Scott Hammack can't be specific, but sometime this month his denial-of-service protection company Prolexic Technologies warded off a 160 gigabits per second attack aimed at one of his bank customers.
To put that in perspective, think about most DoS and DDoS attacks as droplets of water from a faucet. The attack Hammack referred to is like buckets of water being poured into a sink, preventing anything else from going down the drain.
"The attacks are ramping up and causing more problems than they ever have," says Hammack, the CEO of Prolexic of Hollywood, Fla. "The landscape is becoming more and more chaotic."
Bankers are increasingly feeling the wrath of these cyber attackers, who enslave potentially thousands of web servers (in botnets) that direct traffic at a single website.
Prolexic mitigated more attacks in the first quarter of this year than in any previous year, according to a first quarter report it recently released.
The source countries for the attacks continue to be China, Germany and Iran.
The average attack bandwidth jumped 718% to 48.25 Gbps from 5.9 Gbps during the same time period last year, the report says. And the average length of an attack lengthened to 34.5 hours from 32.2 hours in the first quarter of last year.
And they are coming closer together. Just this month, Wells Fargo acknowledged two attacks in just nine days that took down its online and mobile banking services for hours.
These were just two in a series of attacks that have touched JPMorgan Chase (JPM), BB&T (BBT), American Express (AXP) and TD Bank in recent memory.
Hammack refers to groups such as the al-Qassam Cyber Fighters that have become increasingly active since this fall as a potential reason for the increasingly sophisticated and disturbing attacks. "Never before have attacks been this formidable," says Prolexic in the report.
The company operates what Hammack calls scrubbing facilities throughout the world that, for his customers, block the bad traffic created by criminals and filter through the good.
"We've got technology that senses when volumes change at different enterprise customers," says Hammack. "And when we see the volume change, we immediately delve into the traffic and then determine whether an attack has started or not — putting different filters in place to cut out the bad traffic."
He has no doubt the attacks, such as the 160-gigabit one on a customer bank this year, will continue.