DDOS Attacks Against US Banks Might Be Used to Cover Up Fraud, Experts Say

Gartner's Avivah Litan shares some expert insight on the matter

By on December 19th, 2012 12:05 GMT

Currently, there are a lot of cybercriminal operations that target United States financial institutions and their customers. Interestingly, experts believe that there might be a connection between the fraud campaigns and the DDOS attacks launched against US banks over the past period.

Avivah Litan, vice president and distinguished analyst in Gartner Research, explains that there are three classes of distributed denial-of-service (DDOS) attacks and attackers.

When political hacktivists conduct attacks, there usually isn't any fraud committed. In other scenarios, financially motivated criminals launch DDOS attacks and commit fraud at the same time.

In the third class of attacks, cybercriminals take advantage of the distractions created by the DDOS attacks launched by political hacktivists to commit fraud.

According to Litan, experts have identified some cases in which the attacks launched recently against major US banks have been “definitely” linked to online fraud.

“It’s important to note that the megabanks being attacked have many online properties, so a DDoS attack against one specific domain can still leave other domains up and running with the security staff who manage all of the domains very much distracted. The result: online fraud can and has occurred during the DDoS attacks,” she explained.

Organizations that want to protect themselves against such threats can check out the research note that will be released by Gartner called “Innovation drives Seven Dimensions of Context Aware Security.”

The note discusses layers of fraud prevention, authentication and authorization controls, the importance of organizational focus and alignment, and the available technical solutions.

In the meantime, experts reveal that Project Blitzkrieg, a major cybercriminal campaign that's designed to focus on a number of 30 major US banks, is a real threat.

Also, al-Qassam Cyber Fighters seem to be determined to keep launching DDOS attacks against US banks until the controversial Innocence of Muslims movie is removed from the web. Operation Ababil's second phase began last week and the hacktivists say that the attacks will continue.

Comments