DDoS: Be Part of the Solution – Part 1

Have you been researching DDoS for fear they may come knocking on your network’s door, but are wondering why this is happening? We did a little research and have some interesting information for you. While these may not be the only reasons and sources for/of DDoS attacks, we thought you should know.

Who is at risk?

With the NCUA reporting industry record $8.5 billion net income, an increase of 36% over the previous year, it is not surprising that Credit Unions are more than a blip on the radar for cybercriminals.  Bank of America, PNC, Capital One, M&T Bank and others have been attacked recently.  But now along with these larger institutions we see the appearance of Credit Unions like Patelco Credit Union and UFCU among the recently reported incidents this year.  However, the extent of DDoS attacks in the CU industry is unclear.   NCUA regulations only require reporting of incidents that result in potential compromise of member data.  Since a successful DDoS attack may disrupt service, it does not in itself impose a threat to member data.  The question however remains.  Why does there seem to be a shift towards the Credit Unions for cybercriminals?  To understand “why”, you first need to know “who”.

DDOS-attackWho is attacking?

Enter Izz ad-Din al-Qassam Cyber Fighters.  This is an organization of cybercriminals the capacity to launch high volume coordinated attacks against institutions.  These attackers are capable of generating up to 75 Gbps of traffic with the objective of taking down a site or service.  There has been speculation that Iran or another nation-state has backed the Al-Qassam Cyber Fighters, however this is not proven.  Furthermore, they have found on instances of investigation where the source of the IPs used by the cybercriminals were from outside of Iran.  Al-Qassam claims no alignment to governments or other organizations.

Why are they attacking?

The Al-Qassam Cyber Fighters launched Operation Ababil in September of 2012 with the goal of having YouTube pull down the movie and trailers to “Innocence of Muslims”.  The movie is considered by them and others to be offensive to the Muslim community and is depicted as anti-Islamic.  And that in itself was what fueled the formation of this collection of “hackers” to organize for what they claim is a fight about a single issue.

Their multi-phased plan was to launch wide spread DDoS attacks on major US financial institutions until their demands were met.  They are claiming to be responsible for recent DDoS attacks.

Why not Google?

So why go after banks instead of Google?  While their attacks are sophisticated, the amount of havoc the can create in larger institutions may be limited by the defensive capabilities of these organizations.  Google is has one of the most powerful DDoS protection systems in the world.  They also have the network capacity required to manage an incoming 75 Gbps attack in order to prevent harm.  So in order to get the attention Al-Qassam wanted, they needed a smaller target with great visibility – US financial institutions.  By continuing to find smaller and more vulnerable targets, they created more successful attacks and more news to emphasize their demands.

It was reported that YouTube had removed the movie and trailer in late January.  However, in February, attacks are still occurring as not all copies were removed.

Part 2…

The second installment of this post will discuss how to defend your organization against DDoS attacks and how to start planning and implementing your DDoS mitigation plan. In the mean time, check out some of the information we have already posted regarding DDoS:

What is a DDoS Attack?

How do DDoS Mitigation Services Work?

DDoS, DNS, ICMP, Oh My!

Check out our Credit Union DDoS Series of Posts: Part1: Non Technical Explaination, Part 2: Impact Beyond Websites, Part 3: Mitigation Options, Part 4: OGO’s DDoS Solution.

Do you have immediate questions or concerns? We would be happy to discuss them with you.

Cost-Effective Solutions for Your Credit Union

Simply fill out this form and select the topic(s) that you would like more information for, and our team will reach out shortly.

Medium

Role
I agree to receive marketing communications from Ongoing Operations regarding news, updates, products, etc.(Required)

blank
modal close button

Welcome to the Ongoing Operations blog archive.

For our most up-to-date information, please visit ongoingoperations.com.

HOME