CSO Online – (International) Bank attackers are more sophisticated than typical hacktivists, an expert says. The hackers who said they were behind cyberattacks that disrupted the online operations of several U.S. banks the week of September 24 had technical firepower that went beyond the typical hacktivist, said one security expert. Experts debated the methods used in cyber-assaults on Wells Fargo, U.S. Bank, and PNC Bank, each struck on separate days, CSO Online reported September 28. The senior security evangelist at Akamai said the banks' web servers were hit by as much as 65 gigabits of traffic per second, roughly 60 times greater than the typical denial of service attack launched by hacktivists. Also, the attackers used a single toolkit to build the programs that sent mostly junk data over the Internet to the banks' servers, he said. Hacktivists typically use multiple toolkits to run programs spread across compromised computers and sympathizers. The attack traffic Akamai confronted was fairly uniform, he said. This does not happen with a hacktivist mob. A security researcher for FireEye who monitored the attack traffic believes it was generated on hundreds of thousands of computers, many of which were likely owned by sympathizers of the attackers recruited through websites and social networks. He stuck by his people-powered theory, but agreed the attackers could have used a combination of servers and personal computers, some compromised and some belonging to sympathizers.
Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.
Explore All Posts by Ali LoneyTags
Discover a Better Way to SCA
Forrester evaluated 10 SCA providers and recognized Sonatype with the highest possible scores. Learn why Sonatype was named a leader in Forrester Wave™ for SCA.