Tag Archives: ddos news

Companies suffer an average of 15 DDoS attacks per year

The average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime, including slowdowns, denied customer access or crashes, according to A10 Networks. As DDoS attacks become more popular, they are also growing harder to defend. While the average peak bandwidth of attacks was a staggering 30-40 gigabits per second (Gbps), 59 percent of organizations have experienced an attack over 40 Gbps. A majority of respondents (77%) also expect … More ?

DNS attacks cost businesses more than $1 million a year

New research has revealed that DNS attacks are costing businesses more than $1 million a year in lost business and service downtime. For years, DNS has silently and peacefully served internet needs, but it’s mostly been thought of as a trivial protocol requiring very basic configuration and monitoring. Despite its criticality, this service has never really been considered as a potential security issue, mostly because common usage leads people to believe it is a trivial protocol requiring very basic confguration and monitoring. But while DNS may have been safe and apparently secure for the last twenty years, because of its complexity and evolving role in the IT industry it has become a powerful attack vector, with 91% of malware using the DNS protocol. According to the new study from IDC and EfficientIP , the top three DNS attacks that have the largest impact on an organisation are Distributed Denial of Service (DDoS attacks, Zero-Day vulnerabilities and data exfiltration. These types of attacks are the main cause of business outage and data theft. But despite 74% being victims of DNS attacks, 25% of businesses still aren’t implementing any kind of basic security software. EfficientIP’s experts warn that existing DNS defenses are outdated and no longer work. Until now, the approach to IT Security has been one that has downplayed the risk of DNS threats, bundling them in with a wide selection of diferent network threats that can be protected using traditional security tools and techniques. It is an approach that threatens DNS security by overcomplicating architectures, adding slow and inappropriate layers of defence. While firewalls can protect on a basic level, on their own they;re not designed to deal with high bandwidth DDoS attacks, or detect DNS tunnelling attempts (the majority of DDoS attacks are now over 1Gbps), and most businesses still rely on the ‘out-of-the-box’ non-secure DNS servers offered by Microsoft or Linux servers. ‘The report has highlighted that despite the massive increase in cyber attacks, companies and their IT departments still don’t fully appreciate the risks from DNS-based attacks,’ said David Williamson, EfficientIP CEO. ‘In just under two years GDPR will come into effect and companies will be held responsible for all security breaches and could face major fines. It’s crucial for all businesses to start taking DNS security seriously.’ Source: http://www.information-age.com/technology/security/123461604/dns-attacks-cost-businesses-more-1-million-year-study

View article:
DNS attacks cost businesses more than $1 million a year

Defending against DDoS-Day

It was tax time in Australia, 2014, and one Sydney tax agent, like many others across the country, was all-hands-on-deck as staff took endless calls and filled appointment diaries. The frantic pace was welcomed at the young firm, which prided itself on being hip, casual, and cool. The firm’s slick, mobile-friendly website and a good search engine ranking brought a decent rush of new clients to the firm each year. So when the site went on- and offline over the course of a week, phones stopped ringing and staff panicked. The firm was on the receiving end of a distributed denial-of-service (DDoS) attack from IP addresses out of Eastern Europe that overwhelmed the small business IT infrastructure. An email in the company’s generic inbox demanded that US$1,000 be wired to a Western Union account in order for the attacks to stop. “We called our tech guys and they tried to block it,” a senior tax accountant told CRN on condition of anonymity. “We called the cops, but no-one could fix it quickly enough so we paid.” The price was cheap compared to the damage wrought. And fears that the criminals would just ask for more money once the ransom was paid were unfounded; the attacks stopped abruptly and no more was heard from them. Booters and stressers When a dam threatens to breach, it helps to have a network of diversion channels where the water can flow away from the towns below. So it is that a wave of DDoS packets can be soaked up by throwing large networks in front of the target. The floods are becoming more common, but their nature is changing to something more efficient and dangerous than in previous years. Akamai’s latest release of the popular State of the Internet report for the last quarter of 2015 finds a 149 percent increase in total DDoS attacks and a 169 percent increase in infrastructure layer attacks over the same period in 2014. The “vast majority” of these attacks were from so-called booter or stresser providers, the DDoS-for-hire services that operate with a gossamer-thin veil of legitimacy for customers who pay hourly to monthly rates to point the attacks at their own infrastructure. Of course, many who use the services point the booters at rival businesses, governments and, notably, live-stream gaming video channels operated by rivals. These attacks have “increased dramatically”, Akamai says, compared to the preceding three months, with use of network timing attacks that power the booters up by 57 percent on the previous quarter. Such attacks abuse the network timing protocol so a small query generates a large response, which is redirected at a target. “Network Time Protocol amplification attacks have be used in large-scale DDoS attacks peaking shy of 400Gbps, but DNS amplification attacks have also been successfully used to cripple infrastructure and cause serious financial losses,” BitDefender senior threat analyst Adrian Liviu Arsene says. “One of the largest DDoS attack to date was reported to have reached around 500Gbps, although the standard is somewhere around 100Gbps.” Motive and intent Distributed denial-of-service is the second most likely digital attack to be familiar to the average pedestrian after viruses. The method of attack hit mainstream headlines some six years ago, when online activist group Anonymous brought down major websites, including Paypal, the Recording Industry Association of America and the sites of Canberra public agencies. Systematic arrests followed, bursting the bubble of those participants who thought safety in numbers would shield their IP addresses from being singled out by police. It signalled a fall in popularity of DDoS as a means of protest. The criminal undercurrent remains and here cash is king, but motivations still vary. Businesses use DDoS attacks to knock off rivals and criminals to send sites offline until a ransom is paid. Yet others use the digital flood as a diversion to distract security defenders and set off alarms while they hack into back-end systems. One group known as DDoS for Bitcoin, or DDoS4BC, is using the proven anonymity of the crypto-currency to extort companies through DDoS. It is a safer model for criminals than that which ripped through the Sydney tax accountancy, and considerably more expensive for victims. It is, as of January, known to have hit more than 150 companies around the world, first sending an extortion note demanding between AU$5,600 and a whopping AU$112,000 in Bitcoins before launching small DDoS attacks to demonstrate the group’s capabilities. For some victims, the DDoS may be short-lived and devoid of any apparent motive, according to Verizon Enterprise Solutions investigative response managing principal Ashish Thapar. “We have definitely seen DDoS on the rise and several of our partners are logging double the [usual] number of incidents,” Thapar says. “We are also seeing DDoS attacks bringing companies them to their knees but not entirely offline, which acts as a smokescreen for advanced persistent threat attacks at the back end.” That’s also something Secure Logic chief executive officer Santosh Devaraj has seen. The company hosts iVote, the electronic voting system for NSW, and last year bagged the $990,000 contract to operate it until 2020. “There are ‘DDoS for hire’ groups we’ve seen as part of monitoring iVote that may be trying to gain access to infrastructure at the back,” Devaraj says. “The real threat may not be the DDoS.” DDoS down under Australian businesses are less targeted than those overseas, experts agree, thanks in part to our smaller internet pipes. But with the NBN rolling out, DDoS Down Under is expected to become big. The midmarket is likely to be hit harder, BitDefender’s Arsene says. “Midmarket DDoS attacks are likely to rise as the chances of targets actually paying are higher than for other organisations,” he says. “[Criminals] specifically target midmarket companies that don’t have the technical resources to fend off such attacks.” Akamai chief strategist John Ellis agrees, saying extortionists “tend to hit the sites with a large online presence”. “For cyber adversaries, the [midmarket] provides a fantastic target,” Ellis adds. “A Sydney developer team that relies heavily in online app availability, for example, may have to seriously consider whether it rolls over and pays DDoS extortionists.” The attacks in Australia are, for now, fairly small. “We are seeing bigger DDoS attacks, but they’re nowhere near the size of attacks in the US,” says Melbourne IT cloud and mobile solutions general manager Peter Wright. “It is partly because infrastructure and bandwidth limitations reduce the size of DDoS attacks. It is an attribute of infrastructure capacity and there is a risk that, as we broaden the pipes [as part of the National Broadband Network], it brings huge benefits but increases the risk profile as well.” Sinking feeling Big banks are smashed by DDoS attacks every day and largely do not bat an eyelid. Online gambling companies, too, across Australia are blasted during big sporting events. These top end of town players have expensive, tried-and-tested scrubbing mechanisms to largely neuter DDoS attacks, although some betting agencies are known to have regularly paid off attackers during the Melbourne Cup, treating it as a cost of business. The midmarket is not left to its own devices, however. Hosting providers like Melbourne IT and others offer DDoS protection against applications and services, while other companies have cheaper offerings for the budget market. “I am sympathetic to the midmarket, their need for bang-for-buck,” Ellis says. “The challenge for the midmarket is that they don’t have the money that they need… they should focus on business outcomes and partners who understand their business and design outcomes.” For Secure Logic’s Devaraj, DDoS mitigation comes down to a solid cyber security operations centre. “It is where I believe the industry should invest, rather than a particular technology.” Yet companies can use free or cheap DDoS protection from the likes of CloudFlare, or opt for do-it-yourself options that require hardening of security defences – something the average small technology shop may lack the ability to do. “There are DDoS sinkholes and capabilities with our cloud partners,” Wright says. “If a resource or function is hit, we can move workloads to other resources dynamically.” Arsene agrees. “Midmarket tech guys need to start by incorporating DDoS attack risks into their corporate security strategies. Using a secure and managed DNS that supports changing internet protocols on the fly is also recommended, as well as patching software vulnerabilities to mitigate application layer attacks.” Source: http://www.crn.com.au/feature/defending-against-ddos-day-419470/page1 http://www.crn.com.au/feature/defending-against-ddos-day-419470/page2

Read the original post:
Defending against DDoS-Day

Massive DDoS attacks reach record levels as botnets make them cheaper to launch

Nineteen attacks that exceeded 100Gbps were recorded during the first three months of 2016 There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter. Even more concerning is that these mega attacks, which few companies can withstand on their own, were launched using so-called booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch such crippling attacks. “In the past, very few attacks generated with booter/stresser tools exceeded the 100 Gbps mark,” researchers from Akamai said in the company’s State of the Internet security report for the first quarter of 2016 that was released Tuesday. By comparison, only five DDoS attacks over 100 Gbps were recorded during the fourth quarter of 2015 and eight in the third quarter. Nineteen such attacks in a single quarter is a new high, with the previous record, 17, set in the third quarter of 2014. But high bandwidth is not the only aspect of DDoS attacks that can cause problems for defenders. Even lower-bandwidth attacks can be dangerous if they have a high packet rate. A large number of packets per second poses a threat to routers because they dedicate RAM to process every single packet, regardless of its size. If a router serves multiple clients in addition to the target and exhausts its resources, that can cause collateral damage. According to Akamai, in the first quarter there were six DDoS attacks that exceeded 30 million packets per second (Mpps), and two attacks that peaked at over 50 Mpps. DDoS reflection and amplification techniques continue to be used extensively. These involve abusing misconfigured servers on the Internet that respond to spoofed requests over various UDP-based protocols. Around one-in-four of all DDoS attacks seen during the first three months of 2016 contained UDP (User Datagram Protocol) fragments. This fragmentation can indicate the use of DDoS amplification techniques, which results in large payloads. The four next most common DDoS attack vectors were all protocols that are abused for DDoS reflection: DNS (18 percent), NTP (12 percent), CHARGEN (11 percent) and SSDP (7 percent). Another worrying trend is that an increasing number of attacks now use two or more vectors at the same time. Almost 60 percent of all DDoS attacks observed during the first quarter were multivector attacks: 42 percent used two vectors and 17 percent used three or more. “The continued rise of multi-vector attacks suggests that attackers or their attack tools are growing more sophisticated,” the Akamai researchers said in their report. “This causes problems for security practitioners, since each attack vector requires unique mitigation controls.” China, the U.S. and Turkey were the top three countries from where DDoS attack traffic originated, but this indicates where the largest number of compromised computers and misconfigured servers are located, not where the attackers are based. The most-hit industry was gaming, accounting for 55 percent of all attacks. It was followed by software and technology (25 percent), media and entertainment (5 percent), financial services (4 percent) and Internet and telecommunications (4 percent). Being hit by one isn’t the only way DDoS attacks can affect businesses: They can also be blackmailed with the threat of one, an increasing trend over the past year. In some cases attackers don’t even have to deliver on their threats. Researchers from CloudFlare reported recently that an extortion group earned $100,000 without ever launching a single DDoS attack. Source: http://www.itnews.com/article/3079988/massive-ddos-attacks-reach-record-levels-as-botnets-make-them-cheaper-to-launch.html

See original article:
Massive DDoS attacks reach record levels as botnets make them cheaper to launch

Anonymous DDoS and shutdown London Stock Exchange for two hours

Anonymous hacktivists take down the London Stock Exchange website for more than two hours as part of protest against world’s banks The online hacktivist group, Anonymous reportedly shut down the London Stock Exchange (LSE) website last week for more than two hours as part of a protest against world’s banks and financial institutions. According to the Mail on Sunday, the attack was carried out by Philippines unit of Anonymous on June 2 at 9am. Previous targets have included the Bank of Greece, the Central Bank of the Dominican Republic and the Dutch Central Bank. The newspaper says: “Anonymous claims the incident was one of 67 successful attacks it has launched in the past month on the websites of major institutions, with targets including the Swiss National Bank, the Central Bank of Venezuela and the Federal Reserve Bank of San Francisco.” A spokesperson for the LSE declined to comment on the incident, however, the attack most likely took the form of a distributed denial of service (DDoS) attack, meaning trading would not have been affected and no sensitive data would have been compromised. In the 24 hours before the LSE site went down, the group also claims that the attack on the LSE was the latest in a series that has also seen it target the websites of NYSE Euronext, the parent company of the New York Stock Exchange and the Turkey Stock Exchange, as part of a campaign called Operation Icarus. According to the newspaper, City of London Police said it was not informed that the LSE website had gone down and had no knowledge of the attack. However, the latest attack may not be a complete surprise. In a video posted to YouTube on May 4, a member of the amorphous group announced in that “central bank sites across the world” would be attacked as part of a month-long Operation Icarus campaign. The video statement said: “We will not let the banks win, we will be attacking the banks with one of the most massive attacks ever seen in the history of Anonymous.” By using a distributed-denial-of-service (DDoS) cyberattack, the group also successfully disrupted the Greek central bank’s website. In light of that event, a separate video was posted to YouTube on May 2. The masked individual representing Anonymous group said: “Olympus will fall. How fitting that Icarus found his way back to Greece. Today, we have continuously taken down the website of the Bank of Greece. Today, Operation Icarus has moved into the next phase.” The Anonymous spokesperson added: “Like Icarus, the powers that be have flown too close to the sun, and the time has come to set the wings of their empire ablaze, and watch the system their power relies on come to a grinding halt and come crashing down around them. We must strike at the heart of their empire by once again throwing a wrench into the machine, but this time we face a much bigger target – the global financial system.” Source: http://www.techworm.net/2016/06/anonymous-ddos-shutdown-london-stock-exchange-two-hours.html

Continue reading here:
Anonymous DDoS and shutdown London Stock Exchange for two hours

Hackers Hit Facebook CEO Mark Zuckerberg’s Twitter and Pinterest Accounts

Facebook co-founder and CEO Mark Zuckerberg was apparently targeted by a hacking team over the weekend that was able to access his seldom-used Twitter and Pinterest accounts. The hacker group OurMine, believed to be based in Saudi Arabia, posted messages to Zuckerberg’s Twitter account, @finkd, which features just 19 tweets and hasn’t been otherwise updated since 2012. The team also briefly commandeered Zuckerberg’s Pinterest account, which has just a few boards and pins. Both Twitter and Pinterest have since removed the unauthorized content on Zuckerberg’s accounts, and Twitter has also suspended OurMine’s main account. The group is now posting on Twitter via a backup account. ‘Saving People from Other Hackers’ On Sunday, OurTeam tweeted on the backup account, “i don’t understand why @twitter suspended our account while we are saving people from other hackers!” Another tweet posted this morning added, “Our Old Twitter (@_OurMine_) is suspended because we are just trying to secure Mark Zuckerberg Accounts!” The person or people posting to the backup OurTeam Twitter page also noted they would try to get the team’s main Twitter account unsuspended. Contrary to some news reports stating that OurTeam claimed to have found Zuckerberg’s login information from user data leaked from a major hack attack on LinkedIn in 2012, the hacking group noted in a tweet yesterday that it had made no such claim and added that it had never used LinkedIn. ‘Relatively New’ Hacking Group OurMine is a “relatively new” hacking group that first appeared on Twitter in March 2015, according to a report published by the content delivery network specialist Akamai last year. The team initially appeared to focus on distributed denial of service (DDoS) attacks on gaming services, and later took responsibility for similar such attacks on financial service companies. Nine companies were attacked by OurTeam on July 22 of last year, with the combined DDoS attack levels exceeding 117 gigabytes per second. OurMine has also claimed to have attacked a number of other targets, including Soundcloud and PewDiePie. Zuckerberg hasn’t made any public statement regarding the OurMine attacks on his accounts. However, after OurMine tweeted it had accessed his accounts, Zuckerberg responded, “No you didn’t. Go away, skids.” That tweet has also since been removed. A June 2012 hack of LinkedIn was originally believed to have involved just 6.5 million passwords — at least, that’s the number LinkedIn first acknowledged. However, a report emerged last month that a dark Web marketplace and another site, LeakedSource, had obtained data from 167 million hacked LinkedIn accounts. Of those, 117 million included e-mails and passwords. The remaining accounts are thought to belong to users who logged into the site via Facebook. Some news reports have stated that OurTeam claimed to have found Zuckerberg’s Twitter and Pinterest password — “dadada” — in the compromised LinkedIn data. Source: http://www.sci-tech-today.com/news/Hackers-Hit-Zuckerberg-s-Accounts/story.xhtml?story_id=012001GT5W5O

NTP Patches Flaws That Enable DDoS

The network time protocol, at the center of a number of high-profile DDoS attacks in 2014, was updated on Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities, including one rated high-severity. NTP, specifically the NTP daemon, synchronizes system clocks with time servers. Vulnerable NTP servers were used two years ago with regular frequency to carry out amplification attacks against targets. High-bandwidth NTP-based DDoS attacks skyrocketed as attackers used vulnerable NTP implementations to amplify DDoS attacks much in the way DNS amplification has been used in the past. Some NTP amplification attacks reached 400 Gbps in severity, enough to bring down even some of the better protected online services. US-CERT today released a vulnerability notification about the latest set of NTP vulnerabilities. “Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition,” the US-CERT advisory said. US-CERT also published a list vendors potentially vulnerable to attack; as of this afternoon, only the NTP project’s ntpd implementation is known to be affected. The status of the remainder of the A-Z list of vendors is characterized as unknown. “Unauthenticated, remote attackers may be able to spoof or send specially crafted packets to create denial of service conditions,” US-CERT said. One of the vulnerabilities, privately reported by Cisco, is a crypto-NAK crash or denial-of-service bug. Crypto-NAK responses are sent by NTP servers if a server and client do not agree on a message authentication code. The four remaining flaws were disclosed by Red Hat researchers. One is related to the crypto-NAK issue. “An attacker who knows the origin timestamp and can send a spoofed packet containing a CRYPTO-NAK to an ephemeral peer target before any other response is sent can demobilize that association,” an NTP.org bug report says. Another patch corrects a flaw where spoofed server packets were processed. “An attacker who is able to spoof packets with correct origin timestamps from enough servers before the expected response packets arrive at the target machine can affect some peer variables and, for example, cause a false leap indication to be set,” said the bug report. An autokey association reset flaw was also patched. Here an attacker who spoofs a packet with a correct origin timestamp before the response arrives can send a crypto-NAK or bad MAC and cause an association’s peer variables to be cleared, eventually preventing it from working correctly. The final vulnerability addressed is an issue where broadcast clients may be flipped into interleave mode. Source: NTP Patches Flaws That Enable DDoS https://wp.me/p3AjUX-uOO

Anonymous Announces #OpSilence, Month-Long Attacks on Mainstream Media

Members of the Ghost Squad Hackers team, one of most active Anonymous sub-divisions, have carried out DDoS attacks on CNN and FOX News as part of a new hacktivism campaign. Called OpSilence, the campaign’s goal is to attack all mainstream media that fails to report on the Palestine war or the true crimes happening in Syria, one of the hackers told Mic. #OpSilence will take place during the entire month of June 2016 The operation will be run similarly to #OpIcarus , a month-long series of attacks that took place in the month of May against various banks around the world. Any hacktivism group is welcomed to join, and the campaign comes on the heels of OpIcarus, which just ended yesterday. Ghost Squad Hackers didn’t wait for June to start to begin their attacks, and they’ve already hit the email servers of FOX News and CNN. The group has been changing tactics lately, switching from DDoSing public websites to attacking mail servers, as they did most recently against the Bank of England. Other hackers have taken a pro-Palestine stance before Taking a pro-Palestine stance isn’t something strange for hackers, many others supporting this cause as well. The previous group that did so was CWA (Crackas With Attitude), whose hacked targets include CIA Director John Brennan’s personal AOL email account, FBI Deputy Director Mark Giuliano, US National Intelligence Director James Clapper, and President Barack Obama’s Senior Advisor on science and technology John Holdren. The group is also responsible for hacking the JABS US national arrests database. They also leaked details for 2,400 US government officials, 80 Miami police officers, 9,000 DHS employees, and 20,000 FBI staffers. Back in February, the group’s leader, a sixteen-year-old boy, was arrested in East Midlands, England. Source: http://news.softpedia.com/news/anonymous-announces-opsilence-month-long-attacks-on-mainstream-media-504760.shtml

See the article here:
Anonymous Announces #OpSilence, Month-Long Attacks on Mainstream Media

DDoS Attacks via TFTP Protocol Become a Reality After Research Goes Public

Almost three months after researchers from the Edinburgh Napier University published a study on how to carry out reflection DDoS attacks by abusing TFTP servers, Akamai is now warning of real-life attacks. Akamai SIRT, the company’s security team, says its engineers detected at least ten DDoS attacks since April 20, 2016, during which crooks abused Internet-exposed TFTP servers to reflect traffic and send it tenfolds towards their targets, in a tactic that’s called a “reflection” (or “amplification”) DDoS attack. The crooks sent a small number of packets to TFTP servers, which contained various flaws in the protocol implementation, and then sent it back multiplied to their targets. The multiplication factor for TFTP DDoS attacks is 60, well above the regular average for reflection DDoS attacks, which is between 2 and 10. First instances of TFTP reflection DDoS attacks fail to impress Akamai says the attacks they detected employing TFTP servers were part of multi-vector DDoS attacks, during which crooks mixed different DDoS-vulnerable protocols together, in order to confuse their target’s IT department and make it harder to mitigate. Because the attack wasn’t pure, it never reached huge statistical measurements. Akamai reports the peak bandwidth was 1.2 Gbps and the peak packet volume was 176,400 packets per second. These are considered low values for DDoS attacks, but enough to consume the target’s bandwidth. Akamai SIRT says they’ve seen a weaponized version of the TFTP attack script circulating online as soon as the Napier University study was released. The crooks seem to have misconfigured the attack script The attack script is simple and takes user input values such as the victim’s IP, the attacked port, a list of IP addresses from vulnerable, Internet-available TFTP servers, the packet per second rate limit, the number of threads, and the time the script should run. In the attacks it detected, Akamai says the crooks ignored to set the attacked port value, and their script send out traffic to random ports on the target’s server. Back in March, Napier University researchers said they’ve found over 599,600 publicly open servers that had port 69 (TFTP) open. Akamai warns organizations to secure their TFTP servers by placing these servers behind a firewall. Since the 25-year-old TFTP protocol doesn’t support modern authentication methods, there is no good reason to have these types of servers exposed to the Internet. Source: http://news.softpedia.com/news/ddos-attacks-via-tftp-protocol-become-a-reality-after-research-goes-public-504713.shtml#ixzz4AH801pER

More:
DDoS Attacks via TFTP Protocol Become a Reality After Research Goes Public

UK-Based Llyod’s Bank Sees Decrease in Cyberattacks

Swimming against the torrent of relentless headlines highlighting the lack of cybersecurity among banks, government agencies, and popular websites, the Lloyds Banking Group has seen an 80-90% drop in cyberattacks. The reason? “Enhanced” cybersecurity measures. While banks around the world begin to accept the uncomfortable reality wherein a $81 million cyber-heist is entirely plausible whilst relying on the global banking platform (SWIFT), one UK-based bank has seen a drop in cyber-attacks. UK-based Llyods Banking Group has seen a drop of between 80% to 90%, even though there has been an increase in cyberattacks targeting the UK this year. The revelation was made by Miguel-Ángel Rodríguez-Sola, the group director for digital, marketing & customer development. One of the most common attack vectors remain Distributed Denial of Service (DDoS) attacks. “There had been an increase in the UK in terms of cyber attacks between June and February this year,” Rodríguez-Sola stated. He added “However, over the last two months, I have had five-times less than at the end of last year.” Speaking to the Telegraph , he claimed a greater collaborative effort with law enforcement agencies. More notably, he spoke about the enabling of additional layers of cyber-defenses, without going into specifics. In statements, he said: We needed to re-plan our digital development to make sure that we put in new defences, more layers. [The number of cyberattacks] is now one-fifth or one-tenth of what it was last year. The news of a decrease in cyberattacks faced by the banking group comes during a time when a third bank was recently revealed to be a victim of the same banking group which was involved in a staggering $81 million dollar heist involving the Bangladesh Central Bank. Increasing reports of other member banks of the SWIFT network falling prey to cyberheists has spurred SWIFT to issue a statement, urging banks to report cybercrimes targeting member banks. Source: https://hacked.com/uk-based-llyods-bank-sees-decrease-cyberattacks/

View article:
UK-Based Llyod’s Bank Sees Decrease in Cyberattacks