The DDoS attacks on the banking industry aren’t going away anytime soon. The bad guys know that the attacks are effective, or at least aren’t being prevented, so why not keep at it?
But have you wondered what these attacks look like from the banking industry’s perspective? New research conducted by the Ponemon Institute and commissioned by Corero Network Security provides that perspective.
What they found is that attacks may be wider spread than we realize. The big banks are the ones that get all the press, but according to the study, which surveyed 650 IT and IT security practitioners at 351 banks, nearly two thirds (64 percent) of IT and IT security practitioners reported that their banks have suffered at least one distributed denial of service (DDoS) attack in the last 12 months and 78 percent of those surveyed believed that DDoS attacks will continue or significantly increase in 2013, leaving them vulnerable to cyber attacks that could lead to downtime and compromised data. Nearly half (48 percent) said they have been hit multiple times in that 12-month period.
One of the findings that jumped out at me was that those surveyed thought zero-day attacks and DDoS attacks were a bank’s most severe threat, with malicious insiders coming up as least severe. Yet, these same respondents said that diminished productivity of the bank’s IT staff is the worst consequence of a DDoS attack. Maybe it is just me, but if you think that the time and effort it takes to respond to an attack is your definition of what constitutes a severe threat, you may want to take another look at your overall security. Downtime is definitely bad for the company’s reputation, but is it worse than an attack that results in theft of customer funds and perhaps identification?
Another key finding in the report was this:
There is more confidence in the ability to detect than prevent DDoS attacks. Although the majority of respondents do not believe they are effective in detecting and preventing DDoS attacks, there is more confidence in their ability to detect these attacks.
Keep reading, however, and you’ll find the reasons why detecting is easier than preventing. The respondents report a lack of resources to deal with the attacks and a dependence on older and more traditional security technologies, particularly firewalls, to protect from growingly sophisticated attacks.
So what did I get from the report? That the banking industry is going to continue to be the target of DDoS attacks, and perhaps more malicious attacks in the future, if they don’t update their outlook and approach to security.