Ovum has released findings from its report Tackling the DDoS Threat to Banking in 2014, which indicates that banks will be subjected to new kinds of security attacks in 2014 and that cloud-based solutions will be key to helping them to remain secure.
With politically motivated hacktivists emerging as a new security concern alongside the more traditional hackers seeking financial gain, the nature and scale of distributed denial-of-service (DDoS) attacks have changed greatly according to Ovum. This means that banks will be caught between massive-scale DDoS attacks from hacktivists and smaller, smarter financially motivated exploits that use DDoS to avoid detection.
Because of this increasing variation, a multi-layered approach to DDoS mitigation will become necessary, according to Ovum. Part of a bank’s infrastructure can address the more sophisticated, finely targeted attacks with filtering, while another part can address the blunt instrument of a volumetric attack through absorption tactics.
Cloud-based security solutions in particular will play a large role in helping banks secure themselves against volumetric DDoS attacks, especially given the high upfront costs involved in adding bandwidth and infrastructure on premise at a time when banking budgets are under intense scrutiny.
Rik Turner, senior analyst, financial services technology, Ovum said: “DDoS attacks have undergone significant evolution over the past year. On the one hand they have grown larger, even while their average individual duration has actually decreased. Attacks the size of those mounted in Operation Ababil [a coordinated series of DDoS assaults on websites of US financial institutions launched in September 2012] are still the outliers rather than the norm. However, given the availability of ever-larger and cheaper botnets, Operation Ababil points in one direction that DDoS can go.”
Turner said that another trend arising is the use of more sophisticated technologies, such as headless browsers, that enable relatively small attacks that are of a shorter duration to go undetected and potentially wreak their own kind of havoc on a bank's website.
“We have seen a trend of DDoS attacks being blended into other activities in order to throw banks off the trail of more financially motivated exploits. By employing a DDoS alongside an account hacking attack, the criminals hope to enjoy more time to transfer funds and remove traces of their activities,” Turner said.
Share this story