Credit card giant American Express fell victim to a massive denial of service attack, this past March 28th. The website shut down for at least two grizzly hours, which can mean millions in lost revenue. The group responsible for the attack calls themselves, ‘the cyber-fighters of Izz ad-Din al-Qassam’, group.
An American Express representative said, “Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon…We experienced intermittent slowing on our website that would have disrupted customers’ ability to access their account information. We had a plan in place to defend against a potential attack and have taken steps to minimize ongoing customer impact.”
The new attacks aren’t the first of its kind. It’s a trend that has boogled the minds of many security analysts, since the financial industry has focused more on APT ,a.k.a ,advanced persistent threat attacks and cyber-espionage lately. Just last September the same group, Izz ad-Din al-Qassam, targeted much larger US financial institutions. For some reason the group is trying to force the removal of an offensive YouTube film trailer for the movie, The Innocence of Muslims, or pay the price to keep it running.
Dan Holden, director of Arbor Networks’ Security Engineering & Response Team said. “The biggest change is the maintenance and the growth in the botnet,” and that “there has been a big investment on their part to keep the campaign growing. And they’ve added some twists and techniques to their tools as time goes on, focusing their attacks more on the particular applications of the banks they’re targeting. Now there are particular tools being used for a specific set of banks.”
Holden believes with this amount of time, effort, smarts and sophistication, that it has to be well funded supported hacktivists.Dan goes on to state, “they’re not interested in the biggest DDoS they can make—they’re more interested in creating constant pressure to prove whatever they’re trying to prove. They’re in it for the long haul.”
South Korean banks and other companies have also been political targets using the same kind of cyberattacks.
You must be logged in to post a comment.
Text Widget from primary area. Read more
Sorry. No data so far.
© 2012 Toronto Professional services LTD. All rights reserved