Tag Archives: denial of service attack

Seal with Clubs goes down due to DDoS Attack

Bitcoin poker site, Seals with Clubs, was twice targeted by a Distributed Denial of Service (DDoS) attack this weekend – forcing it offline for three days. It is not known why the US-facing poker site was targeted for the DDoS attacks – in which multiple computer systems overload a single web site with incoming traffic – or who was responsible. The first attack started on Thursday evening (local time) when the site became inaccessible to regular players while those who were already logged in found that their games stalled and then the site crashed. Seal with Clubs´ CEO Bryan Micon was quick to re-assure players on the site that no accounts had been compromised and the Seals with Clubs Twitter account kept clients up to date with the progress of “Seal Team 6” as the site battled to get the software transferred to a new data centre. However, shortly after getting up and running on Sunday, Seals with Clubs was hit by a second, smaller DDoS attack which knocked out all the Sunday feature tournaments on the site. Protection Implemented Against Further Attacks [The first attack] was a large DDoS, very sophisticated and quite powerful enough to knock everything off, get an IP blackholed, all that good stuff, Micon said in a statement to PokerFuse.com. We have quickly, in the middle of the weekend, changed datacenters and have a new, beefier setup with all of our data intact and a sick DDoS protection layer. New software has also been integrated into the Seals with Clubs downloadable client to add further protection, and players have been advised that they will have to update their existing software to enable them to play on Seals with Clubs. An update to the Seals with Clubs Android App is also expected later today (Monday). The Seals are Back By late Sunday evening, Seals with Clubs was back online and saw more than 300 players on the cash game tables with several low-value tournaments under way. Due to the change of data centres, players who recently deposited into their accounts may have to wait until Monday to see the funds appear in the cashier; however facilities for getting Bitcoin funds out of players´ accounts are operating normally with withdrawal requests dealt with in a matter of hours. Players who were involved in poker tournaments at the time of the DDoS attack have been told that they will receive “generous refunds” in respect of their tournament buy-ins. Source: http://www.pokernewsreport.com/seal-with-clubs-gets-battered-in-ddos-attack-12029

Anti-spam Spamhaus up again after 75Gbps Distributed Denial of Service (DDoS) Attacks

The website of non-profit spam fighter Spamhaus is online again after a huge DDoS attack knocked it offline on Sunday, but attackers are continue to target another anti-spam sites that help ISPs combat spam from infected IP addresses. Spamhaus, which provides several anti-spam DNS-based blocklists and maintains the “register of known spam operations”, came under a huge DDoS attack on Sunday, which knocked its web server and mail server offline until Wednesday. Spamhaus spokesperson Luc Rossini on Monday denied a report that Anonymous was behind the attack and pointed to a “Russian criminal malware gang” as the source. On Tuesday Spamhaus sought cover from the attack with DDoS protection provider CloudFlare, which today reported the attack on Spamhaus reached a peak of about 75 gigabits per second. The attackers used a cocktail of DDoS attack methods, but the primary one that helped generate that volume of traffic was a “reflection attack”, according to Matthew Prince, CloudFlare’s CEO. “The basic technique of a DNS reflection attack is to send a request for a large DNS zone file with the source IP address spoofed to be the intended victim to a large number of open DNS resolvers,” Prince explained, noting that 30,000 open DNS resolvers were recorded in the attack, which used spoofed IP addresses CloudFlare had issued to Spamhaus. “The resolvers then respond to the request, sending the large DNS zone answer to the intended victim. The attackers’ requests themselves are only a fraction of the size of the responses, meaning the attacker can effectively amplify their attack to many times the size of the bandwidth resources they themselves control.” Source: http://www.cso.com.au/article/456917/anti-spam_spamhaus_up_again_after_75gbps_ddos_attack/

Read the original:
Anti-spam Spamhaus up again after 75Gbps Distributed Denial of Service (DDoS) Attacks

Distributed Denial of Service-DDoS: 6 Banks Hit on Same Day

Six leading U.S. banking institutions were hit by distributed-denial-of-service attacks on March 12, the largest number of institutions to be targeted in a single day, says security expert Carl Herberger of Radware. The attacks are evolving, and the bot behind them, known as Brobot, is growing, he adds. This recent wave of DDoS attacks has proven to be the most disruptive among the campaigns that date back to September, says Herberger, vice president of security for the anti-DDoS solutions provider. “The Brobot has grown, the infection rate has increased, and the encrypted attacks have become more refined,” Herberger says. “As a result, it all is more effective. They’ve clearly gotten better at attacking more institutions at once.” Radware offers DDoS-mitigation tools to several high-profile clients, including U.S. banking institutions targeted in the recent attacks, Herberger says. As a result, the company has insights about numerous industrial sector attacks as well as online traffic patterns. Herberger declined to name the institutions affected, citing Radware’s non-disclosure agreements. But according to online traffic patterns collected by Internet and mobile- cloud testing and monitoring firm Keynote Systems Inc., JPMorgan Chase & Co., BB&T and PNC Financial Services Group suffered online outages on March 12. The three banks declined to comment about the attacks or confirm whether they had been targeted this week. Chase, however, acknowledged an online disruption in a March 12 post to the Chase Twitter f e ed . The post states: “*ALERT* We continue to work on getting Chase Online back to full speed. In the meantime, pls. use the Chase Mobile app or stop by a branch.” On March 13, the bank came back with this tweet: “We’re sorry it was such a rough day and we really appreciate your patience.” Phase 3 Attacks The hacktivist group Izz ad-Din al-Qassam Cyber Fighters on the morning of March 12 posted an update in the open forum Pastebin about its third phase of attacks. In it, the group mentions nine targets struck during the previous week. The group claims it is waging its attacks against U.S. banking institutions over a Youtube video deemed offensive to Muslims. The nine latest targets identified by the hacktivists – Bank of America, BB&T, Capital One, Chase, Citibank, Fifth Third Bancorp, PNC, Union Bank and U.S. Bancorp – have either declined to comment or have denied suffering any online disruptions. But Keynote Systems says Chase, BB&T and PNC suffered major online failures between 12:30 p.m. and 11 p.m. ET on March 12. Outages suffered by Chase resulted in a nearly 100 percent failure rating between the hours of 2 p.m. ET and 11 p.m. ET, says Ben Rushlo, Keynote’s director of performance management. “That means the site was unavailable most of that time. That’s pretty massive.” BB&T also had significant issues, but not quite so severe, Rushlo says. Between 12:30 p.m. and 2:30 p.m. ET, and then again briefly at 5:30 p.m. ET, BB&T’s online-banking site suffered intermittent outages, he adds. PNC’s site suffered a significant outage for a 30-minute span beginning bout 3:30 p.m. ET, Rushlo says. “On a scale relative to Chase, they were affected 10 times less.” Rushlo stresses that Keynote cannot confirm the cause of the online outages at the three banks because the company does not monitor DDoS activity; it only monitors customer-facing applications. Nevertheless, the online analysis Keynote conducts is in-depth, Rushlo contends. “We’re actually going behind the logons to emulate what the customer sees or experiences when they try to conduct online-banking,” he says. Defeating DDoS Radware’s Herberger says some institutions have successfully mitigated their DDoS exposure, while others are only succeeding at masking the duress their online infrastructures are experiencing. “There has been a lot of quick provisioning to address these attacks,” he says. “But if something changes, like it has now, then the whole game changes and the whole equilibrium changes. It’s not really solving the problem; it’s just addressing a glitch.” More banking institutions need to go beyond Internet protocol blocking to address attacks that are aimed at servers and site-load balancers, he says. But many organizations have failed to take the additional steps needed to successfully and consistently deflect these emerging DDoS tactics. “The thing that’s kind of frustrating to all of us is that we are six months into this and we still feel like this is a game of chess,” Herberger says. “How is it that an industry that has been adorned with so many resources – with more than any other industrial segment in U.S. – missed the threat of hacktivist concerns? There seems to clearly be industrial sector vulnerabilities that were missed in all of the historical risk assessments.” For DDoS protection click here . Source: http://www.bankinfosecurity.com/ddos-6-banks-hit-on-same-day-a-5607

Follow this link:
Distributed Denial of Service-DDoS: 6 Banks Hit on Same Day

Amid banking DDoS attacks, Obama convenes cybersecurity meeting with CEOs

President Barack Obama is shining yet another light on the rising cybersecurity threat in the US, sitting down with more than a dozen CEOs inside the White House Situation Room to discuss how government and the private sector can work together to better protect the nation’s citizens and critical infrastructure. “What is absolutely true is that we have seen a steady ramping up of cybersecurity threats,” Obama said in an interview on ABC’s Good Morning America . “Some are state-sponsored [and] some are just sponsored by criminals.” The timing could not be more apropos: Tuesday offered a bumper crop of cybersecurity red flags to add weight to the president’s statement. For one, a top US official told the Senate Intelligence Committee that cyber attacks are becoming the top global threat. It’s “grown to be right up there” with terrorism, said FBI director Robert Mueller, who said cybersecurity risks now keep him awake at night. Ironically, Mueller, along with First Lady Michelle Obama, Vice President Joe Biden and other political targets were made the victims of a doxxing campaign, which published online supposedly authentic personal information like mortgage statements and credit reports. Meanwhile, JPMorgan Chase and five other banks were hit with denial of service (DDoS) attacks in a renewed offensive on the financial industry yesterday. Attacks on banks have become an ongoing issue, spearheaded in 2012 with the launch of “Operation Ababil” by Islamist hacking collective Izz ad-Din al-Qassam. That attack wave was in protest of “The Innocence of Muslims,” an anti-Islam video that mocked the Prophet Muhammad. On New Year’s Day the group said that that the cyber-attacks will continue, noting in an online manifesto that “rulers and officials of American banks must expect our massive attacks! From now on, none of the U.S. banks will be safe from our attacks.” Indeed, attacks in February and last week have continued the trend, with Chase becoming the latest victim of a website slowdown. In January, a Ponemon Institute survey revealed that more than two-thirds of banks in the US have suffered DDoS attacks within the last 12 months. Gen. Keith Alexander, head of the Pentagon’s US Cyber Command, told Congress at Tuesday’s hearing that Wall Street firms were hit by more than 140 attacks in the last six months. Chase confirmed that CEO Jamie Dimon is among those accepting the president’s invitation to the meeting. Another participant will be Exxon Mobil CEO Rex Tillerson, the oil giant confirmed, but the rest of the group will not be revealed until after the summit, the White House said. Obama issued an executive order Feb. 12 aimed at improving the public sector’s ability to warn enterprises of imminent cyberthreats. It directs the government to share threat information with critical infrastructure owners, and for government agencies to develop a security framework that business can voluntarily adopt. The intention is that unclassified threat reports “that identify a specific targeted entity” will be shared, and that classified reports will be shared with “critical infrastructure entities authorized to receive them.” The White House is also seeking a comprehensive piece of legislation to further information-sharing initiatives in order to protect critical infrastructure such as the power grid, water supply equipment, transportation hubs, and so on. US House of Representatives Intelligence Committee Chairman Mike Rogers (R-Mich.) and Rep. Dutch Ruppersberger (D-Md.) introduced a new version of the Cyber Intelligence Sharing and Protection Act (CISPA) last month, which would make it easier for business and government to work together concerning threats, attacks and remedies in order to shore up defenses. For instance, the House bill as written would offer broad protection from lawsuits to companies that give over user data to the Department of Homeland Security, which in turn would share it with intelligence agencies on a need-to-know basis. In the GMA interview, Obama noted the ramifications of inaction: “Billions of dollars are lost to the consequences. You know, industrial secrets are stolen. Our companies are put into competitive disadvantage. There are disruptions to our systems that…involve everything from our financial systems to some of our infrastructure.” For DDoS protection click here . Source: http://www.infosecurity-magazine.com/view/31244/amid-banking-ddos-attacks-obama-convenes-cybersecurity-meeting-with-ceos/

View original post here:
Amid banking DDoS attacks, Obama convenes cybersecurity meeting with CEOs

Distributed Denial of Service (DDoS) attacks recovery costs an average of $3,000 per day for businesses

Organizations citing cybersecurity costs as an impediment to implementing a layered defense should rethink their priorities: Denial of service (DDoS) and malware infection recovery costs range into the thousands of dollars – per day. According to a report from Solutionary, organizations are spending a staggering amount of money in the aftermath of an attack: as much as $6,500 per hour to recover from DDoS attacks and more than $3,000 per day for up to 30 days to mitigate and recover from malware attacks. All of those third-party consultants, PR crews, incident response teams, mitigation software and other immediate investments add up, apparently. But other damages need to be considered as well: the report numbers don’t include revenue that may have been lost due to related systems downtime, or lost productivity. Nor do they include the intellectual property-related costs. “Cyber criminals are targeting organizations with advanced threats and attacks designed to siphon off valuable corporate IP and regulated information, deny online services to millions of users and damage brand reputation,” said Don Gray, chief security strategist with Solutionary. Unfortunately, the likelihood of suffering such an attack is, of course, going up. They’re also becoming focused on certain arenas. For instance, in addition to traditional network-layer attacks, a full 75% of DDoS attacks target Secure Socket Layer (SSL) protected components of web applications, the report found. The downside is that detecting and blocking attacks in encrypted protocols primarily used for legitimate traffic can be more complex than responding to historical TCP/UDP-based DDoS attacks. Malware attacks, meanwhile, are becoming vertical-specific. The report found that 80% of attempts to infect organizations with malware are directed at financial (45%) and retail (35%) organizations. These forays frequently arrive as targeted spam email, which attempts to coerce the recipient to execute an attachment or click on an infected link. Unfortunately, a full 54% of malware typically evades anti-virus detection. Only 46% of samples tested via VirusTotal by Solutionary were detected by anti-virus – indicating a clear need for companies to invest in multiple malware detection mechanisms. The report also found that Java is the most targeted software in exploit kits, replacing Adobe PDF exploits. Almost 40% of total exploits in exploit kits now target Java. When it comes to where attacks are originating, domestic IP addresses are the largest source of attacks against US organizations. “While there has been considerable discussion about foreign-based attacks against US organizations, 83% of all attacks against them originate from US IP address space, and the absolute quantity of these attacks vastly outnumbers attacks seen from any other country,” the company said. “One contributing factor is foreign attackers using compromised machines near attack targets in the US to help evade security controls. This attack localization strategy has also been observed in attacks on targets in other countries.” Attackers from other countries focus on different industry targets – 90% of all attack activity from China-based IP addresses is directed against the business services, technology and financial sectors. And a full 85% of all attack activity from Japan-based IP addresses identified by Solutionary was focused against the manufacturing industry. However, attacks targeting the financial sector appear to originate fairly evenly from attackers in many countries across the world. Attack techniques also vary significantly by country of origin. Among the top four non-US source countries, the majority of attack traffic from China is indicative of communication with already-compromised targeted devices, while Japanese and Canadian attackers appear to focus more on application exploit attempts. Attacks originating from Germany involve more botnet Command and Control (C&C) activity. For DDoS protection click here . Source: http://www.infosecurity-magazine.com/view/31247/malware-attack-recovery-costs-an-average-of-3000-per-day/

J.P. Morgan Confirms Distributed Denial of Service (DDoS) Attacks on Chase.com

The retail banking website of J.P. Morgan Chase & Co. (JPM) on Tuesday has come under a so-called “denial of service” attack, rendering it unusable for customers, a bank spokesman confirmed. The site first slowed earlier Tuesday, and in the afternoon it became unavailable. The bank is responding with increased security measures for the website, chase.com. The spokesman said no customer data had been compromised, but didn’t say when the site would be fully restored. The bank’s mobile-banking applications are working, and branches and automated teller machines aren’t impacted. The bank, the nation’s largest by assets, told customers in a Twitter message Tuesday afternoon that it is experiencing “intermittent issues,” followed by another message stating that the bank is working “on getting Chase Online back to full speed.” On the website, the bank posted: “Our website is temporarily unavailable. We’re working to quickly restore access. Please log on later.” Banks have been increasingly hit by cyberattacks over the last two years, including DOS attacks that increase the volume of website hits, slowing access to the sites by customers. Banks have been preparing in recent days for a new wave of DOS attacks, according to a banking industry source, including strengthening their firewalls. Citigroup Inc. (C) said in its annual earnings filing with the Securities and Exchange Commission last month that it, like other banks, was the victim of several cyberattacks in 2012 and previous years, and that it managed to detect and respond to these incidents “before they became significant.” The attacks nevertheless “resulted in certain limited losses in some instances.” For DDoS protection against your eCommerce website click here . Source: http://www.foxbusiness.com/news/2013/03/12/jp-morgan-confirms-denial-service-attacks-on-chasecom/

Read the article:
J.P. Morgan Confirms Distributed Denial of Service (DDoS) Attacks on Chase.com

GitHub Hit With Another DDoS Attack, Second In Two Days, And “Major Service Outage”

Services on code-sharing site GitHub have been disrupted for over an hour in what started as a “major service outage” because of a “brief DDoS attack.” This is the second DDoS attack in as many days and at least the third in the last several months: Yesterday, GitHub also reported a DDoS incident. And in October 2012, the service also went down due to malicious hackers. Today, the distributed denial of service incident has affected the site for at least an hour, starting at 10.43AM GMT with a major service outage. GitHub noted that the cause was a “another brief DDoS attack” and that service should be returning to normal. At 11.11AM, the site reported that some systems were still being affected. “Access to downloadable source code archives and uploaded files is temporarily down. We’re working to restore it asap,” it noted. There has been some debate over security at GitHub, with several people recently revealing the amount of sensitive information like passwords and private keys stored on publicly-accessible pages. On a code-sharing repository, this is not like blasting information as you might see in a display ad, but it’s the kind of information that can be found if you know how and where to look. And the DDoS attacks against GitHub go back some way. In Feburary 2012, for example, the site revealed a sustained attack that lasted for nearly a week. “This attack is global, and has been very intense at times. Yesterday morning, for example, github.com suddenly received requests from 10,000 times the number of clients it had handled the minute before,” Jesse Newland wrote on GitHub’s blog. That only resulted in an hour of total downtime. He also wrote that GitHub was putting in place measures to better protect against DDoS attacks in the future — although clearly not eliminate them completely. GitHub has had a lot of success in the last few years. With some 3 million developers using the site to post and share code; a recent $100 million round from Andreessen Horowitz; and other accolades, it exemplifies the wider trend of the rise of the enterprise startup — a status that likely also brings positive as negative attention. Update : Three hours later, everything is back up and working normally. We have reached out to ask whether GitHub has any more information about the incidents. Source: http://techcrunch.com/2013/03/10/github-hit-with-another-ddos-attack-second-in-two-days-and-major-service-outage/

Read the original:
GitHub Hit With Another DDoS Attack, Second In Two Days, And “Major Service Outage”

Distributed Denial of Service (DDoS) Protection Hardware for the Data Centre… Or Not!

Earlier this month, Juniper Networks purchased Webscreen Systems from Accumuli a UK-based IT security specialist. With this acquisition, Juniper is furthering a strategy to try to deal with distributed denial of service (DDoS) attacks from within a data centre by adding more hardware. While one can understand why a company that produces and sells hardware would see hardware as the best fix, there are several reasons why this is the wrong solution for most consumers, and could actually unnecessarily cost you time, money and brand integrity. Given the varied range in DDoS hardware protection options out there, it seems that many feel this is the strongest solution to protect their online presence from a DDoS attack. However, after more than 15 years in the industry, I can think of five good reasons why using DDoS hardware protection in a data centre hosting environment is a flawed strategy. REASON #1 Increased costs passed on to customers. With DDoS hardware protection, the expense of purchasing, updating and maintaining the hardware, plus the necessary staff to manage it in a data centre hosting environment, will be high. These costs will be passed on to you, the hosting customer. REASON #2 More points of failure. By adding another piece of hardware, you are adding yet another point of failure. In all things networking, keeping your number of points of potential failure low is a key to success. Studies show that firewalls, IDS and other similar hardware protection platforms have over a 42 percent chance of failing. [Arbor Worldwide Infrastructure Security Report 2011 ] Do you want to be on that platform when it fails? REASON #3 Someone else’s problem becomes your problem. In a data centre environment, multiple customers often share resources (whether they know it or not). Platforms like servers, switches, routers and firewalls are often provisioned with more than one client. If you are sharing DDoS hardware protection, you become vulnerable to the problems of other clients sharing that device. REASON #4 One size never really fits all. A solution for a data centre will try to be generic enough to fit all clients’ needs, which means it probably won’t be specific enough for your exact requirements, or robust enough to handle more sophisticated attacks. REASON #5 How focused are the people watching your gear? Even with the best DDoS hardware protection out there, you might as well try to protect your websites with a toaster if there isn’t a proficient team dedicated to administering and managing the hardware. In a hosting environment, the operations team has many responsibilities, of which managing DDoS hardware is a low priority one. Even if someone is paying attention and able to divert their focus to your servers for a short while during a DDoS attack, it won’t be for long, and repeated DDoS attacks would likely go unmitigated, or your IP would be null-routed to save resources and minimize collateral damage. With so many vendors offering DDoS hardware protection, it might be tempting to conclude that it’s a safer option that will serve your business well. However, cloud-based DDoS protection offers many benefits that are not possible with DDoS hardware solutions, with few of the risks. To learn more about DOSarrest cloud-based DDoS protection and mitigation services, click here . Jag Bains, CTO, DOSarrest Internet Security (Formerly Director of Network Engineering and Operations for Peer1 Hosting)

See the original post:
Distributed Denial of Service (DDoS) Protection Hardware for the Data Centre… Or Not!

Five tips to combat a Distributed Denial of Service (DDoS) Attack

Who’s next? That’s a question probably lingering on the minds of many American banking executives these days. After all, eight U.S. banks were hammered by distributed denial of service (DDoS) cyber attacks in recent weeks and more could be in the works. A DDoS attack typically floods a website or network with so much traffic that it shuts down. The attack can last anywhere from hours to days, depending on how long it takes the victim to divert the traffic and how long the perpetrator can keep blasting the traffic at the victim’s site and network. The hacktivist group known as Izz ad-Din al-Qassam Cyber Fighters took credit for the cyber attacks on the banks. In posts on the website www.pastebin.com, the group said the DDoS attacks were in retaliation to a YouTube video insulting the Prophet Muhammad and many Muslims. Could this wave of cyber attacks be the beginning of a new movement? Will hacktivist groups join cyber criminals, ruthless competitors and even angry customers in launching DDoS attacks to shut down company websites? It’s possible. Especially since the tools to launch DDoS attacks are cheap and readily accessible. Currently, there are more than 50 DDoS tools 1 on the market. And if DDoS attacks do become more prevalent, how much damage can they cause? Well, according to one study 2 more than 65% of the respondents said when their websites go down it costs them about $10,000 per hour or $240,000 per day. Most of these companies were in the finance, telecom, travel and IT industries. These costs are due to lost business and lost resources when staff members have to work on matters related to the attack, instead of on their regular jobs. Retailers who sell most of their merchandise online said when their websites go down, it costs them about $100,000 per hour. If this is indeed the case, what can organizations do to protect themselves? Here are five tips offered by computer security experts: Maintain a high level of awareness to spot suspicious site traffic and other anomalies. Install the most advanced intrusion detection signatures (IDS) and intrusion prevention signatures (IDS) as defense mechanisms against cyber attacks. Make sure you have automatic updates scheduled for your anti-virus and other software programs. Review incident recovery plans and employee training strategies to ensure that your staff knows what to do if you do experience a DDoS attack or other form of cyber attack. Work closely with Internet Service Providers, law enforcement and vendors when faced with cyber threats and other suspicious cyber activity. Have you experienced a DDoS cyber attack? If so, how did you respond? We would like to hear about it. Contact us . Source: http://www.lexology.com/library/detail.aspx?g=61781aa7-caf5-4da1-8c2a-18b4590f3b0d

Excerpt from:
Five tips to combat a Distributed Denial of Service (DDoS) Attack

Predictions for Distributed Denial of Service (DDoS) Attacks in 2013 will be application based

Twenty-five percent of distributed denial of service (DDoS) attacks that occur in 2013 will be application-based, according to Gartner, Inc. During such incidents, attackers send out targeted commands to applications to tax the central processing unit (CPU) and memory and make the application unavailable. “2012 witnessed a new level of sophistication in organized attacks against enterprises across the globe, and they will grow in sophistication and effectiveness in 2013,” said Avivah Litan, vice president and distinguished analyst at Gartner. “A new class of damaging DDoS attacks and devious criminal social-engineering ploys were launched against U.S. banks in the second half of 2012, and this will continue in 2013 as well-organized criminal activity takes advantage of weaknesses in people, processes and systems.” High-bandwidth DDoS attacks are becoming the new norm and will continue wreaking havoc on unprepared enterprises in 2013. A new class of damaging DDoS attacks was launched against U.S. banks in the second half of 2012, sometimes adding up to 70 Gbps of noisy network traffic blasting at the banks through their Internet pipes. Until this recent spate of attacks, most network-level DDoS attacks consumed only five Gbps of bandwidth, but more recent levels made it impossible for bank customers and others using the same pipes to get to their websites. Hackers use DDoS attacks to distract security staff so that they can steal sensitive information or money from accounts. People continue to be the weakest link in the security chain, as criminal social engineering ploys reach new levels of deviousness in 2013. In 2012, several different fraud scams that took social engineering tactics to new heights of deviousness have been reported, including criminals approaching people in person as law enforcement or bank officers to help them through account migration that then comprised their bank accounts. Source: http://timesofindia.indiatimes.com/tech/enterprise-it/security/25-of-DDoS-attacks-to-be-application-based-in-2013/articleshow/18613476.cms

Excerpt from:
Predictions for Distributed Denial of Service (DDoS) Attacks in 2013 will be application based