Financial services under threat from DDoS

Nermin Bajric

The financial services industry is under threat from distributed denial of services (DDoS) attacks, and while none have been successful in downing a major marketplace, Prolexic president, Stuart Scholly, warns against complacency.

Forensics carried out by the Prolexic Security and Engineering Team (PLXsert) have identified a trend towards market manipulation whereby DDoS attacks appear intent on lowering the target's stock price or currency values, or temporarily preventing trades from occurring.

Scholly said this symbolises a shift in the nature of DDoS attacks which have been typically launched to fuel public discourse, or for revenge, extortion and blackmail.

"A few specific cyber-terrorist groups are responsible for most of these attacks," Scholly said. "So far they have not been successful in bringing down an entire major marketplace."

"DDoS attacks keep getting bigger, stronger, longer and more sophisticated, so we cannot be complacent. What's more, the risk goes beyond the actual outage; social media chatter and media coverage can amplify the perceived effect, disruption and damage caused by a cyber-attack campaign."

As the public image of a global business is associated with its cyber presence, taking a publicly-traded firm or exchange platform offline can create false or misleading appearances; the core of market manipulation.

In its DDoS Attacks Against Global Markets report, PLXsert claims that since 2011, and growing in 2012 and 2013, DDoS campaigns targeted at financial services have gained traction. Key attacks which have affected stock and currency valuations or interfered with trading include:

Date

Target

Alleged perpetrators

April 27, 2007

Government and finance sites in Estonia

pro-Russian groups

April 2, 2011

A global media and entertainment company

Lulzsec

August 12-13, 2011

HKSC, the Chinese stock exchange

Local attackers

January 5, 2012

Online finance and trading platform

Unattributed

January 12, 2012

Start of operation Ababil targeting American financial firms

Qassam Cyber Fighters

February 14, 2012

US securities and commodities exchange

L0ngWave99

February 14, 2012

US securities and commodities exchange

L0ngWave99

February 14, 2012

eSignal, an electronic trading platform

L0ngWave99

February 14, 2012

US securities and commodities exchange

L0ngWave99

February 14, 2012

1  2  Next Page