-
The impact distributed denial of service attacks on banks has had on consumers has been minimal, according to a consumer survey shared exclusively with American Banker on Monday.
August 5 -
The wave of DDoS attacks on banks that began July 23 is having a less severe impact on their websites. However, new, related fraud threats persist.
August 2 -
Regions Bank was the victim of cyber attackers that shuttered the bank's website and interrupted its customers' debit cards.
July 29 -
A hacktivist group that calls itself the Izz ad-Din al-Qassam Cyber Fighters is threatening a new wave DDoS attacks on banks, but security experts believe their tactics to be more nuisance than menace.
July 25
After keeping a low profile for roughly the past eight months, the cybersecurity startup Defense.net is ready to roll.
The Belmont, Calif., company, founded by Prolexic Technologies co-founder Barrett Lyon, will focus on helping customers combat distributed denial of service attacks. The company plans to announce its product suite next month.
Lyon, Defense.net's chief technology officer, says he has experienced bank cyberattacks firsthand his online and mobile Bank of America account was hacked.
"It happened several times," he says. "Either my app wouldn't work, or I couldn't log in. I realized that the existing legacy mitigation companies aren't cutting it."
"When I started Prolexic, the attacks were pretty much extortion," Lyon says hackers threatened companies that if they did not pay up their websites would be shut down.
DDoS and other cyberattacks have drastically changed in the past 18 months hackers have become "hacktivists," and financial companies face state-sponsored assaults.
The Izz ad-Din al-Qassam Cyber Fighters recently threatened a
Lyon says that these trends have forced him to think differently about the nature of cyberattacks.
"One thing happening is false positives during attacks," he says. "Your computer appears to be a bad guy when it's not and you can't log in."
Sometimes during an attack, Lyon says, DDoS mitigation companies send all of the traffic through scrubbing centers overseas where consumers might be subject to sketchy privacy laws.
"I don't want my banking traffic routed through the wrong country," Lyon says.
"Once you leave the United States' network," he continues, "you are subject to foreign countries' rules and regulations. Who knows whose eyes are looking at [your bank balance]? I don't want to even worry about that."
Additionally, banks have only a handful of cybersecurity vendors for banks to choose from.
"Essentially every one of these big banking customers is concerned about concentration risk," says Defense.net's chief executive, Chris Risley. "They are concerned that if a whole bunch of banks get attacked at once," some will have priority over others.
And, he adds, with only two major vendors, if one of them shutters or fails, there is only one other option.
"The nature of the industry has changed because the attacks in the last year and a half have changed dramatically," Risley says. So Defense.net was left thinking about how it "could have done it better."
Defense.net has been building its so-called defense network and listening to potential customers. The 15-employee company was incubated in Bessemer Venture Partners' Menlo Park, Calif., office.
Bessemer Venture Partners led Defense.net's initial round of funding, raising $9.5 million.
Along with Lyon, the startup's leaders include two Prolexic veterans: Joe Daly, Defense.net's vice president of network operations, and Dan Murphy, director of systems architecture.