The recent spate of DDoS attacks on US banks and the comments by ENISA’s Security expert and chairman of the Security Group ISACA John Warren about the lack of preparedness of EU banks is also borne out by a survey carried out earlier this year by DDoS experts Corero. The survey (conducted amongst IT Directors of 200 US organisations and 100 UK organisations) showed that 33% of organisations in the financial sector had no technology in place to protect them against DDoS attacks. It also revealed that US financial organisations were more concerned than their British counterparts about the threat posed by DDoS attacks: 68% of US respondents were concerned about the threat of DDoS attacks compared to just 28% of UK respondents. This could be explained by the fact that more US companies had experienced one or more DDoS attacks in the last 12 months (36%) against 24% of UK companies.
Interestingly, though the recent attacks reportedly on US Bank, PNC, Well Fargo, Bank of America and Chase Bank are believed to be instigated by Muslim extremist group Izz ad-Din al-Qassam cyber fighters, none of the US companies had claimed to have experienced a DDoS attack motivated by political aims. The main reason cited for prior attacks was businesses seeking to gain a competitive advantage over competitors. 33% of UK banks had however experienced attacks motivated by political reasons.
Paul Lawrence, VP International Operations for DDoS mitigation experts Corero, comments, “In our experience financial organisations are slightly ahead of other businesses in the appreciation of the threats that DDoS attacks represent to their business, however many are lulled into a false sense of security by thinking that traditional means of defence like firewalls will combat the threat. Unfortunately it’s often only when they’re the victim of attacks like those that have hit US banks that they realise that firewalls are unable to cope with such large volumetric attacks. Their organisation may also be experiencing other more subtle Application Layer DDoS attacks that go completely unnoticed as they appear to be legitimate traffic but which can also negatively impact their business without them even realising it.”