Imagine that you have plans to hit the mall one Saturday. Only, when you look out of your window, you notice that traffic is flooding the road. The end of the street looks even busier. Google Maps tells you that a journey that would normally take you 15 minutes will, instead, take you closer to an hour. There’s so much unexplained traffic that you decide not to go, knowing that getting there will be next to impossible. Now imagine that all of that traffic was put there on the road, all headed in the same direction, purely to attack the mall owners. And that every other legitimate customer like yourself found themselves similarly blocked from getting there; eventually just giving up and abandoning the plan. Needless to say, this would be bad news for the mall owner.
Scenarios like this are, of course, not feasible in the real world. Even someone with a major vendetta against a business wouldn’t be able to put thousands of cars on the road leading to the mall, purely to block traffic for real buyers. It’s a crazy idea. Everywhere, that is, except for the digital domain.
This is the essence of a Distributed Denial of Service cyberattack, a.k.a. a DDoS attack. In such attacks, malicious actors attempt to knock an online service offline by overwhelming it with a flood of fake traffic. This can either temporarily disrupt or suspend the services of hosting servers. DDoS attacks make use of what is called a botnet, a global network of compromised devices that are used for sending fraudulent requests.
DDoS attacks are on the rise
There are a number of types of DDoS attacks, ranging from User Datagram Protocol (UDP) packet floods to SYN floods, which exploit a weakness in the “three-way handshake” TCP connection sequence that serves as an important step in how computers talk to one another.
However, in every case the goal is to bombard the target with enough requests that they are left unable to respond to legitimate requests in a timely manner. This can result in considerable (unwanted) downtime, loss of revenue and, as unfair as it might sound, dented customer loyalty. After all, in competitive markets who sticks with a service that they find themselves unable to access consistently when they want it?
DDoS attacks are only becoming more common — partly thanks to the rise of connected Internet of Things devices which can be compromised to form botnets and the rise of “DDoS as a service” attacks providing DDoS attacks for hire.
No business is safe from the threat of DDoS attacks. But some find themselves more widely targeted than others. Financial service providers are regularly on the hit list of attackers looking for potential targets. Organizations falling under this umbrella, whether it’s a stock market like the New Zealand stock exchange (NZX) or money transfer services like PayPal and Worldpay, have all been targeted by DDoS hacker groups.
Targeting financial services
These attacks don’t always manifest themselves as actual attacks. Instead, hackers may contact these companies and threaten them with large and potentially crippling DDoS attacks unless the victims agree to pay out large ransoms in Bitcoin and other cryptocurrency. In some cases, they threaten that such attacks will continue until the ransom is paid.
Due to their perceived or real deep pockets, financial services companies present an attractive target for hackers. Service outages can cost any company money, but in the case of large financial firms this loss is likely to be in the order of thousands of dollars per hour that they are not available. Hackers therefore reason that some may be willing to pay out an amount smaller than their potential loss in order to avoid such an attack.
Financial service companies’ loss of appetite for risk could also theoretically make them more likely to pay up rather than gambling on the chance of an attack that may or may not happen. Finally, attackers may focus their efforts on attacking financial services for other reasons — whether it’s to gain bragging rights or to fulfill political goals.
Protecting against DDoS attacks
Of course, a much smarter move than negotiating with terrorists or outright paying their demands is to make sure you’re properly protected against DDoS attacks. This is something no modern organization should be without. To protect against DDoS attacks, it’s worth considering calling in the cybersecurity experts. With DDoS attacks increasing, this could also be an important step toward meeting the Federal Financial Institutions Examination Council’s (FFIEC) demands that banks and other financial services institutions periodically monitor for DDoS attacks.
DDoS protection systems work by looking for potential attacks in progress and blocking them, while continuing to let through legitimate traffic. They can also mitigate large scale attacks with high-capacity networks that are able to process massive numbers of attack packets per second (think billions of attack packets at a time). If you have not implemented such cybersecurity measures, along with internal policies for dealing with such attacks, it is highly advisable to do so.
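To make the "block the attack, let legitimate traffic through" idea concrete for the SYN floods mentioned earlier, here is an added example (not from the original article or any vendor's product) that counts started versus completed TCP handshakes per source. The event format, IP addresses and thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict

def sample_events():
    """Constructed events, not real traffic: (seconds, client_ip, flag).
    SYN starts a handshake; ACK is the client's final step that completes it."""
    ev = []
    # Two ordinary clients, plus a busy one (e.g. an office NAT gateway),
    # all of which finish every handshake they start.
    for t, ip in [(0.1, "198.51.100.10"), (0.4, "198.51.100.11")]:
        ev += [(t, ip, "SYN"), (t + 0.05, ip, "ACK")]
    for i in range(30):
        t = 0.2 + i * 0.03
        ev += [(t, "192.0.2.50", "SYN"), (t + 0.05, "192.0.2.50", "ACK")]
    # One source that sends 40 SYNs and never completes a handshake.
    ev += [(0.5 + i * 0.02, "203.0.113.7", "SYN") for i in range(40)]
    return sorted(ev)

def count_handshakes(events, window=2.0):
    """Per source, count [SYNs, completing ACKs] in the first `window` seconds."""
    counts = defaultdict(lambda: [0, 0])
    if not events:
        return counts
    start = events[0][0]
    for t, ip, flag in events:
        if t - start > window:
            break
        # Any flag other than SYN is treated as the completing ACK here.
        counts[ip][0 if flag == "SYN" else 1] += 1
    return counts

def half_open(counts):
    """Handshakes started but never completed: the state a SYN flood exhausts."""
    return sum(max(s - a, 0) for s, a in counts.values())

def classify(counts, min_syns=20, max_completion=0.1):
    """Block only sources that are both high-volume and rarely complete."""
    verdicts = {}
    for ip, (s, a) in counts.items():
        if s == 0:
            continue  # stray ACK with no SYN in the window: not judged here
        completion = min(a, s) / s
        flood = s >= min_syns and completion <= max_completion
        verdicts[ip] = "block" if flood else "allow"
    return verdicts

if __name__ == "__main__":
    c = count_handshakes(sample_events())
    print("half-open:", half_open(c), classify(c))
```

Volume alone is not the signal: the busy gateway sends 30 SYNs and is allowed because it completes them. Per-source verdicts assume source addresses are not spoofed; the aggregate half-open count is the indicator that still holds when they are.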
DDoS attacks can be — and are — devastating in their effects. Fortunately, there are ways to protect and fight back against them. Make sure that you are never taken by surprise and left in the position of seriously considering paying out massive ransom demands just to keep offering your services to your trusted users.