Posted on May 25, 2018 at 5:16 PM
According to the recent reports, both the ABN Amro and Rabobank were experiencing heavy DDoS attacks. Rabobank was targeted last night, on Thursday evening, while ABN Amro experienced an attack of its own today, on Friday morning.
Two new attacks hit banking giants
According to recent reports, two banking giants by the name of ABN Amro and Rabobank have experienced heavy DDoS attacks. The attacks did not hit both banks at the same time, however, with Rabobank being hit last night, starting 6pm. The attack was stopped just before midnight. ABN Amro, on the other hand, was attacked earlier today, in the early morning hours.
The attacks seem to have relatively limited in scope, but they still had a serious impact. The banks’ customers had difficulties accessing the banks’ services, while others found it completely impossible to do so. A lot of users have been commenting on the recent development. Some have supported the bank via Twitter, while others were irritated by the entire situation. One user has even stated that the bank should invest money into preventing such attacks since they are becoming way too often.
Principal security technologist, EMEA at NETSCOUT Arbor, Kirill Kasavchenko, has stated that the banks are often targeted by DDoS attacks. What’s troubling, however, is that these attacks are becoming increasingly sophisticated. The motives for the attacks may be different, but that doesn’t change the fact that the banks have an obligation towards their customers, and they have to make sure that their services can remain available, despite the attacks.
He also added that the weapons are in a state of constant change, which means that the defenses must change as well. This is why sharing data and cooperating with one another is a necessary step for banks, in order to properly prepare and become capable of handling such threats. This doesn’t only include the banks, but also other financial institutions, cybersecurities, as well a the government itself.
DDoS attacks keep coming
DDoS attacks are a constant occurrence and have been for years now. Still, it would seem that they have been targeting ABN Amro a lot in the last few months. Neither the researchers nor the bank still do not know who is to blame for this. Some reports issued by NL Times claim that the attacks are coming from a hacking group in Russia and that ESET has managed to track them. ESET has stated that this is a false information and that the NL Times’ journalists are falsely interpreting their statements.
Back in April, ABN Amro has believed that the attacks might finally be over due to two actions brought by the law enforcement. They included the arrest of a person by the name of Jelle S who was using IoTroop botnet for attacking Dutch banks and websites belonging to the government. This arrest is the first of the two actions, and it was performed by Dutch Team High Tech Crime, otherwise known as THTC.
Another action was called Operation PowerOFF, and it was the name of the operation used for closing Webstresser website. This particular website offered cyber attacks for those who were willing to pay, and their method of operation includes launching DDoS attacks against banks and other financial institutions. One of the banks that were hit is believed to be ABN Amro itself.
Still, the attacks continued even past this point. Even though the actions might have slowed down the attack rate, it is clearly not enough to completely stop them. There are no signs that the attacks revolve around some sort of ransom, but it was suggested that they might be just a distraction, while the real attack consists of malware installment on the bank IT systems. It is also possible that the real goal of the attackers is to steal the bank’s data.
These attacks are coming at a really bad time for everyone. Especially since the number of people who are banking through the smartphone apps is increasing almost on a daily basis. All of them expect that their banks will be capable of protecting their interests, as well as be available at all times, as they were promised.
Kasavchenko has said it as well – that more and more people are interacting with their banks online. This includes making payments, checking balance, as well as moving their funds from one account to the other. Because of this, the banks need to be capable of protecting their customers and keep providing them with their services. However, as these attacks are clearly indicating, not even the biggest banks are untouchable when it comes to this kind of attacks.