DDoS attacks on financial sector treble

Financial services firms were targeted by three times as many distributed denial-of-service (DDoS) attacks in the first quarter of 2012 than in the previous three months, a study has revealed.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

There was also a 3,000% increase in malicious packet traffic, according to the latest Quarterly Global DDoS Attack Report by security firm Prolexic Technologies.

The company mitigated more attack traffic in the first quarter of 2012 than it did in the whole of the previous year.

“This quarter was characterised by extremely high volumes of malicious traffic directed at our financial services clients,” said Neal Quinn, Prolexic’s vice president of operations.

“We expect other verticals beyond financial services, gaming and gambling to be on the receiving end of these massive attack volumes as the year progresses."

During the last three months of 2011, over 168 trillion bits of data and 14 billion packets of malicious traffic were identified as targeting financial services clients. In the first quarter this year, 5.7 quadrillion bits of data and 1.1 trillion malicious packets were identified and mitigated.

There was a 25% increase in DDoS attacks compared with the same period the year before, and a 25% increase in application layer attacks.

Despite the large increase in attacks against financial services firms, the total number of attacks was virtually unchanged, the report said.

Average attack durations continued to edge down, dropping from 34 hours to 28.5 hours in the first quarter. At the same time, average attack bandwidth increased to 6.1Gbps, up from 5.2Gbps in the previous quarter.

Taken together, these two metrics confirm previous trend predictions of shorter attack durations, but with higher traffic volumes, the report said.

Infrastructure layer attacks targeting Layer 3 and Layer 4 continue to be the choice of attackers, however the quarter showed a 6% increase in DDoS attacks targeting the application layer. Prolexic believes there will be a gradual shift to Layer 7 attacks over the long term.