Fears for Banks :Cyber Attacks Ranking High in 2015

Banking increasingly felt the sting of cyber attacks in 2015, after what was a hard year of DDoS and breaches against conpanies globally. From Finland, to Sweden, to Greece, to the US, cyber threats are becoming the new liability to plague the industry. In a report conducted by the Cyber Security Forum Initiative and PricewaterhouseCoopers, 672 bankers from around the world were interviewed  in regards to how they were assessing risk in the financial sector.
Out of all 672 respondents, only five bankers gave criminality a score of 1 out of 5 when it came to importance, showing that, in 2016, most banks will be probably more aware of cyber-threats than ever before.

With cases like the DDoS-for-Bitcoin extortion scheme on Greek banks and the blackmail of a UAE bank after its servers were hacked, it’s hard to believe that the banking sector has not learned its lesson regarding cybercrime in 2015, and this study comes to prove it.

    “Tax evasion and money laundering are two threats that can be managed and controlled. Cyber-attacks are a different animal,” said one banking industry observer living in the US.

His opinion was also shared by Simon Samuels, banking consultant in the UK, who explained that “we may at some point see a cyber-attack so powerful on an individual bank that it has the power to bring down the institution, necessitating a state bailout.”

Easy Money

2016 promises to be a year of increasing growth for both cyber attacks and security. Without the risk of a physical connection to the crime, cyber attacks are lucrative and relatively easy to both novice and skilled players in the game.  With groups like Armada Collective and DD4BC prowling for targets, it only makes sense that banks are concerned. No access to a customer’s money is the highest point of frustration for someone using their banking services, bar none. The fact that there’s a possibility of a massive attack bringing down a banking institution in its entirety should concern more than just the IT departments at the banks. That’s a disruption of the entire financing and cash flow of tons of people.

We encourage people looking for online hosting to look for companies that have prepared for cyber crime. We should do the same for banks as consumers. (We would like to point out authorities doing the same, the FFIEC issued a statement in regards to DDoS in banking back in 2013.) Obviously the banks take protecting money seriously for their sake, but clients to banks should demand the same of their information, and make sure there’s accountability for incidents.

New amplification methods : RIP AND PORTMAP

To catch up on the latest amplification methods I decided to write this post to give a short review for them. RIP amplification method is a shortcutNew amplification methods : RIP AND PORTMAP for the Routing Information Protocol which is a UDP service working on port 520. Its amplification rate is pretty decent at about […]

DDoS, Baidu, and China’s Great Cannon

Recently the New York Times announced that CloudFlare has partnered with Internet search giant Baidu in China, Google’s eerily similar competitor, to deliver Yunjiasu, a CloudFlare-like service in China. The service is aimed at speeding up Internet connectivity and providing some level security services for its customers, including limited DDoS mitigation. It will likely operate similar to CloudFlare itself, with […]

Free Cloud Services and How They Are Used for DDoS

Free cloud services have become popular in recent years. These services provide developers a platform to test software, and collaborate with others easily. While this sounds amazing, in reality these platforms can be a goldmine for attackers if not properly secured. Many of these services require only an email for verification. Setting up fake emails […]

DYLD: The New Apple Zero Day Exploit

According to TechNewsWorld, “Malwarebytes has discovered a new zero day exploit in OS X that lets apps bypass passwords during installation to get root permission through a Unix shell.” The exploit installs an application that allows “anything to be installed anywhere”. There was a time when Mac users were a small contingent on the Internet […]

ddos amplifier

A History Lesson: Apple’s Patented Method for Amplifying DDoS

In late-1999, Apple was granted US Patent No 5,931,961 for Discovery of acceptable packet size using ICMP echo.  A form of this mechanism was implemented in Mac OS 9 and was soon misused as a means of amplifying DDoS attacks .  This patent is widely-cited by inventors at other Internet giants, but the mistake in its method […]

Tunneling Traffic Through DNS to Bypass Firewalls

Monitoring and analyzing your network traffic is more of an art form than a science: every network is unique. The differences appear in the services we run, the types of traffic we generate, as well as our network design and layout. In order to properly analyze traffic dumps, we must first know what kind of […]

Webair CTO Presents Multi-Layer DDoS Mitigation Strategies

In a recent presentation to LinuxCon attendees, Webair CTO Sagi Brody and Senior Infrastructure Engineer Logan Best discussed the current dynamics of DDoS attacks and mitigation methods, and we’re pleased to have been included and provide some statistics for them. Beginning from the target server all the way to 3rd party protection, Brody describes ways […]

Staminus Chooses Advania As Its Official DDoS Partner in Iceland

Staminus has teamed up with the multi-service IT company Advania to defend their Iceland-based clients. With 70 years of experience in the field of technology services, Advania is the largest business of its kind in Iceland, and was the ideal partner to help establish a quality defense against Distributed Denial-of-Service (DDoS) attacks in the country. […]

The 5000 Pound iPhone: Your Smart Car

Everyone wants to be the new next best thing.  We hear quite often about the “iPhone killer”, but that has not occurred to date.  There is also an understanding that all new technology comes with security risks (which is how so many devices end up as DDoS sources).  So it’s becoming real interesting to watch the automotive industry […]

Responding to advanced threats with a SIEM is like playing ‘Where’s Waldo’ with your Network

When alerts get escalated, what’s your go-to solution to validate and track the threat? When monitoring a recognized breach to see what happens next, what do you rely on to make sure you see the attacker’s every move throughout your network? If you’re like most enterprises, you were sold a bill of goods with Security […]

DDoS attack size is getting bigger

DDoS attacks aren’t going away anytime soon. In fact, they’re getting bigger, according to network security company Arbor Networks. But there’s good news for potential attacks in the Internet of Things arena—some heat is off there. DDoS, or Distributed Denial-of-Service, attacks are where numerous compromised computers are used to target a single system. In simple terms, […]